Removable media devices enable users to extract significant amounts of sensitive data from a data source. Moving data using thumb drives or other removable media devices has become a common a practice, even among information technology and security specialists. Such data transfers go largely undetected. Once sensitive data has moved to a removable storage device it is easily removed from the enterprise and compromised. Thus companies, governments and other organizations risk losing the data or exposing it to unauthorized recipients. Further risks include violations of laws and regulations requiring audit trails or encryption when moving of sensitive data.
Banning the use of removable media or rendering removable media devices inoperable is not a viable solution. Removable devices have many legitimate business applications. Encrypting the data when moving it to removable media is one solution. However, encryption has drawbacks as a security mechanism for removable media. Encrypting large amounts of data can be time consuming and encryption policies are difficult to enforce. Without user diligence and willingness to comply with encryption requirements, encryption is a relatively weak security mechanism for removable media.
What are needed are systems and methods for writing to removable media that would automatically enforce a removable media security policy without relying on a user to take action such as encrypting data to be transferred. Further needed are systems and methods for enforcing a removable media security policy that are transparent to a user