3.10. DISK ARBITRATION

Once a file has been copied to a removable device, applications on the original computer no longer have any control over what happens to the file's data. Any access control in place may be ignored when the device is attached to a different computer, and the meanings of the user accounts will have changed anyway. Even encrypting the content may not be sufficient protection: the original user might decrypt the file on an untrustworthy computer, or even copy and paste the content onto an unencrypted file on the removable media.

Some assets may be considered sufficiently confidential that users should not be able to create copies of them on external drives or USB devices, or should be able to create copies only on approved devices, such as those with built-in encryption. As the ownership and permissions settings on such volumes cannot be trusted to provide good access control (and, as you have already seen, may not be honored by the operating system anyway), the only way to mitigate the risk of files being copied onto removable devices is to block those devices from being mounted at all.