1. Technical Field
The present invention relates to a system and method for a virtualized hypervisor to detect insertion of removable media. More particularly, the present invention relates to a system and method for using a client-side hypervisor in conjunction with a secure network-side monitoring mechanism to detect removable media insertions since a client's last secure network session.
2. Description of the Related Art
Mobile clients, such as laptop computers, have grown in popularity due to a growing demand from users requiring portability. Even though a user may operate a mobile client disconnected from a corporate network, the user frequently requires connectivity to the corporate network, usually over a secure network connection. As such, the user's mobile client is intermittently connected to the corporate network.
This intermittent connectivity presents problems for corporations attempting to ensure that mobile clients are free from security threats because the corporations are not able to track client activities when the clients are disconnected from the corporate network. One of these activities that pose a security threat is when a user inserts removable media into the client device in order to install unapproved software or files. The unapproved software or files may include virus that may ultimately enter into the corporate network the next time the mobile client logs onto the corporate network. Removable media may include, for example, a compact disc (CD), a digital video disc (DVD), a USB drive, a USB Memory Key, or a 1394 Drive.
One approach to ensure that a mobile client is free from security threats is to perform a full system scan each time the mobile client logs onto the corporate network. A challenge found, however, is that a user may not insert removable media into the mobile client device between network sessions and, as a result, unnecessary system scans are performed on the mobile client, which wastes time, consumes processing power, and consumes network bandwidth.
What is needed, therefore, is a system and method to identify removable media insertions at a mobile client between secure network connections and perform appropriate actions.