SYSTEM AND METHOD FOR AUDITING FILE ACCESS TO SECURE MEDIA BY NODES OF A PROTECTED SYSTEM

摘要

A method includes detecting (1002) a storage device (402) and determining (1004) whether the storage device has been checked-in for use with at least a protected node (102, 102a-102n). The method also includes granting (1006-1008) access to the storage device in response to determining that the storage device has been checked-in for use with at least the protected node. The method further includes storing (1018) data identifying file activity involving the storage device on the storage device. The data could identify all files copied to or from the storage device and all file activity that is blocked from occurring on the storage device. The method may also include copying one or more log files stored at the protected node onto the storage device, and storing the data identifying the file activity may include appending data identifying details of the file activity to the one or more log files.