System and method for securing use of a portable drive with a computer network

摘要

Solution for autonomously securing the use of a portable drive with a computer network. A data store is written and maintained that contains entries corresponding to a plurality of portable drives initialized for use with the computer network, each entry corresponding to at least one identifiable drive. Events are monitored as they occur on the computer network involving use of each of the plurality of portable drives. Predefined security policy determination criteria is applied, which can include drive mobility assessment criteria and drive content sensitivity criteria, to determine a drive-specific security policy for each one of the plurality of portable drives. A set of at least one policy enforcement action is executed that corresponds to a determined drive-specific security policy in response to detected usage activity for each one of the plurality of portable drives.

主权项

1. A system for securing use of a portable drive with a computer network, the system comprising:
a computing platform interfaced with the computer network, the computing platform including computing hardware of at least one processor, data storage, and input/output facilities, and an operating system implemented on the computing hardware; and instructions that, when executed on the computing platform, cause the computing platform to implement: a drive registration engine configured to autonomously write and maintain a data store containing entries corresponding to a plurality of portable drives initialized for use with the computer network, each entry corresponding to at least one identifiable drive, wherein the plurality of portable drives includes drives that, when disconnected from the computer network, are unable to enforce a security policy and are distinct from any computing device configurable to enforce a security policy; a drive monitoring engine operatively coupled with the drive registration engine and configured to autonomously monitor events occurring on the computer network involving use of each of the plurality of portable drives; a security policy determination engine operatively coupled with the drive monitoring engine and configured to autonomously apply predefined security policy determination criteria, including drive mobility assessment criteria indicative of the usage history of the portable drive such that a determination of whether the portable drive is mobile or non-mobile is made by the security policy determination engine and drive content sensitivity criteria indicative of the liability of the portable drive to vulnerabilities of software in a computer system with which the portable drive is interfaced is made by the security policy determination engine, to determine a drive-specific security policy for each one of the plurality of portable drives; a security policy enforcement engine operatively coupled with the security policy determination engine, and configured to autonomously execute a set of at least one policy enforcement action corresponding to a determined drive-specific security policy in response to detected usage activity for each one of the plurality of portable drives.