Abstract: One example method for securing data on untrusted devices includes the steps of intercepting a file command from a software application, the file command comprising a save command or a read command, and indicating a data file; determining whether the data file is a temporary data file; responsive to determining the data file is a temporary data file: if the command is a save command, encrypting data associated with the save command and writing the encrypted data to the temporary data file, if the command is a read command, decrypting data associated with the read command and providing the decrypted data to the software application.

Abstract: One example method for securing data on untrusted devices includes the steps of identifying, by a first process, a command in a command queue, the command from a second process and comprising an action on secure data; determining whether the command is permitted based on the action and a user credential; and responsive to determining the command is not permitted, removing, by the first process, the command from the command queue.

Abstract: One example method for securing data on untrusted devices includes the steps of intercepting a file command from a software application, the file command comprising a save command or a read command, and indicating a data file; determining whether the data file is a temporary data file; responsive to determining the data file is a temporary data file: if the command is a save command, encrypting data associated with the save command and writing the encrypted data to the temporary data file, if the command is a read command, decrypting data associated with the read command and providing the decrypted data to the software application.

Abstract: One example method for securing data on untrusted devices includes the steps of identifying, by a first process, a command in a command queue, the command from a second process and comprising an action on secure data; determining whether the command is permitted based on the action and a user credential; and responsive to determining the command is not permitted, removing, by the first process, the command from the command queue.

Abstract: One example method for securing data on untrusted devices includes the steps of identifying, by a first process, a command in a command queue, the command from a second process and comprising an action on secure data; determining whether the command is permitted based on the action and a user credential; and responsive to determining the command is not permitted, removing, by the first process, the command from the command queue.