The number of personal computers and mobile devices capable of sending and storing data increases significantly each year. These devices are routinely used to store files containing personal as well as confidential business information. Security administrators and business owners often have no record of what data is stored on PCs and mobile devices at any given point in time. For example, if a computing or storage device is lost or stolen, it is problematic to determine after the fact exactly what information was lost and/or disclosed with the device. There are also significant regulatory exposures related to the disclosure of certain classes of data such as medical information (HIPAA) and Payment Card Industry (PCI) data.
Individuals and businesses often share data files by sending these files as email attachments over the Internet. Although encryption methods are available, many users do not encrypt attachments prior to email transmission. Therefore, there is a risk that data files sent as attachments in email messages may be disclosed to an unauthorized recipient. Furthermore, using current methods, security administrators and business owners have no reliable mechanisms to control or track the movement of data sent by email between users of PCs or mobile devices.
In recent years the numbers of mobile storage devices such as USB flash drives and mobile communication devices with internal, non-volatile flash memory have also increased significantly. A significant amount of personal and confidential data can be stored on USB flash drives and mobile communication devices with non-volatile storage such as micro SD cards. Conventional methods allow data to be encrypted prior to storage onto these devices; however, conventional methods lack a mechanism for limiting access to confidential data once stored on these devices. Furthermore, there are no current methods which can serve to monitor and control the movement of data from non-volatile flash memory to other computing devices. Because laptop computers are highly mobile, it is not uncommon for laptop computers to fall outside of the regular backup processes which otherwise may be in place for fixed (desktop) PCs and corporate servers. Recognizing this need, there has been a trend in new services (such as Carbonite, Iron Mountain, RackSpace/Jungle Disk, and EMC/Mozy) that offer remote backup services to backup the data stored on laptop PCs. However, these services lack capabilities for security administrators and business owners to track, monitor and enforce compliance with policies. Also, using these products, there is little utility value that can be derived from the remotely stored data for purposes beyond simple backup and restore. Specifically, these remote backup services do not offer users the ability to ubiquitously access and/or share backed-up data from thin-client (WEB) or mobile (WAP) based interfaces.
Along with the trend in mobile computing, there has been an increased demand for Internet access and data sharing from a variety of users and businesses. Today, wireless broadband modems enable the mobile user to gain internet access using the cellular networks of wireless network operators such as (AT&T, Verizon, T-Mobile, and Sprint). However, these carriers have limited capacity to support peer-to-peer data transfers over wireless networks. Many of these same wireless carriers also offer DSL-based or Cable-based high speed Internet access. These high speed data services have become highly commoditized in recent years with the key competitive focus on download speeds. Within the major carriers (AT&T, Verizon, Sprint), there is little functional or technical synergy between wireless and wired services. Carriers need new value-added services that can increase customer retention and bridge the gaps between wired and wireless-based services. Services such as secure remote file storage and secure file sharing would be effective value added offerings for the adept mobile network operator interested in proactively managing its limited wireless network resources and looking for new sources of revenue and increasing customer retention.
Given these collective limitations of the prior art and the numerous needs and opportunities stated herein, a system and method are needed that can provide an architecture for securely storing, retrieving, and sharing data using PCs and mobile devices and for controlling and tracking the movement of data to and from a variety of devices.