| 主权项 |
1. A system for preventing data loss in a business environment, whereby a secure endpoint file export application assigns users to different classes having different permissions for accessing and writing data, the system comprising:
a computer apparatus including a processor and a memory; and a secure endpoint file export application stored in the memory, comprising executable instructions that when executed by the processor cause the processor to:
identify a plurality of users in a business environment;classify the plurality of users according to business needs;assign the users to one of at least two classes based on the classification,
wherein class A permits users to access the data but not write the data to removable media, andwherein class B permits users to write the data to removable media but not access the data;determine that a first user is attempting to access data on a secure file;determine that the first user is permitted to access the data on the secure file by comparing the identity of the user to a database comprising the plurality of users in the business environment and their respective classes;transmit the secure file to a second user who is permitted to write the data in the secure file to removable media;write the data in the secure file to the removable media;track a location of the removable media, wherein tracking the location of the removable media comprises receiving a wireless signal from the removable media, and tracking the location of the removable media based on the wireless signal;monitor the location of the removable media; anderase the data from the removable media if a condition is met, wherein the condition is selected from the group consisting of a predetermined period of time outside a predetermined radius from a permitted location, detection of unauthorized access to the removable media, and receiving instructions from the secure endpoint file export application to erase the removable media. |
