Removable drive security monitoring method and system
US8978151B1 · kind B1 · utility
Inventor
Key dates
| Filing date | Aug 23, 2012 |
| Grant date | Mar 10, 2015 |
| Priority date | — |
| Expiry date | Dec 24, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/554
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method of detecting the unauthorized use of removable storage drives to obtain data from a computer network. An automated software process periodically polls the various logical disks in a computer or computer network for removable data drives, determines which are high risk removable data drives, and monitors these removable drives every few seconds. The process checks for security problems by file name, or mismatch in privileges, or suspicious file write, copy or copy-delete patterns of usage. If a preset risk threshold is exceeded, the system then alerts system administrators. In a preferred embodiment, the method may be implemented on network administration systems such as Windows management instrumentation (WMI) using default scripting or process tools such as VBscript.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.