The present invention relates to methods for protecting a host system from information-security risks posed by mass-storage devices by routing communication through a network protocol, and by applying a firewall.
USB flash drives (UFDs) are well-known devices for providing portable data storage. UFDs are typically configured to be interchangeably connected to multiple computers. Because of this feature, UFDs pose an inherent information-security risk to a host computer. Such a risk necessitates implementation of security measures.
The prior art offers a variety of security measures for protecting host computers from risks associated with portable data-storage devices. Examples of such security measures include anti-virus programs and the mTrust solution (available from SanDisk IL Ltd., Kefar Saba, Israel).
The prior-art solutions suffer from inherent limitations that reduce their value. The prior art is typically configured to handle only one type of security risk. Anti-virus tools are typically limited to deal only with viruses, while mTrust-type solutions are limited to address risks associated primarily with access control.
It would be desirable to have an information-security system for protecting a host system from a broad array of information-security risks posed by a UFD security, while complying with the information-security policy of the host-system user.