Securing source devices using a display device filter

What is claimed: 1. A method for securing a source device when a display device is connected to the source device, the method comprising: detecting, by a display device filter that includes a display device filter driver that is loaded on a display device driver stack on the source device, that the display device has been connected to the source device by evaluating one or more communications that are passed within the display device driver stack, the one or more communications identifying that the display device has been connected to a particular video output of the source device; retrieving, by the display device filter, an identifier of the display device that is included in metadata that the display device provides to describe capabilities to the source device, the metadata conforming to the Extended Display Identification Data (EDID) standard or a subsequent standard that augments or replaces the EDID standard; accessing one or more configuration files to obtain a list of identifiers of trusted display devices; comparing, by the display device filter, the retrieved identifier to the list of identifiers to determine whether the display device is trusted; and performing, by the display device filter, one or more actions to prevent access to the source device when it is determined, based on the comparison, that the display device is not trusted. 2. The method of claim 1 , wherein detecting that the display device has been connected to the source device comprises detecting that the display device is connected while the source device is booting. 3. The method of claim 1 , wherein detecting that the display device has been connected to the source device comprises detecting that the display device has been connected after the source device has booted. 4. The method of claim 1 , wherein the display device filter also comprises a user mode service that detects that the display device has been connected to the source device. 5. The method of claim 4 , wherein the user mode service also compares the retrieved identifier to a list of identifiers to determine whether the display device is trusted. 6. The method of claim 1 , wherein the display device filter driver detects that the display device has been connected to the source device by receiving the one or more communications as the one or more communications are passed within the display device driver stack. 7. The method of claim 1 , wherein the identifier comprises a serial number of the display device. 8. The method of claim 1 , wherein the list of identifiers of trusted display devices either: positively lists the identifiers of the trusted display devices such that the display device filter determines that the display device is trusted when the identifier of the display device is included in the list of identifiers; or positively lists identifiers of untrusted display devices such that the display device filter determines that the display device is the identifier of the display device is not included in the list of identifiers. 9. The method of claim 1 , wherein the one or more configuration files are stored locally on the source device. 10. The method of claim 1 , wherein the one or more actions comprises one or more of: disabling keyboard input; disabling mouse input; disabling human interface device (HID) input; restarting the source device; shutting down the source device; displaying a lockout screen on the display device; stopping a kernel of an operating system on the source device; or sending an alert to an administrator. 11. The method of claim 1 , further comprising: receiving user input that updates the one or more configuration files. 12. The method of claim 11 , wherein the user input is received from a management server. 13. One or more computer storage media storing computer executable instructions which when executed by one or more processors implement a method for securing a source device, the method comprising: detecting, by a display device filter driver that is loaded on a display device driver stack on a source device, that a display device has been connected to the source device by evaluating one or more communications that are passed within the display device driver stack, the one or more communications identifying that the display device has been connected to a particular video output of the source device; in response to detecting that the display device has been connected to the particular video output of the source device, sending one or more requests for Extended Display Identification Data (EDID) of the display device; in response to receiving the EDID of the display device, extracting an identifier of the display device from the EDED; comparing the identifier to a list of identifiers of trusted display devices; determining that the retrieved identifier is not included in the list; identifying one or more actions to be performed when an entrusted display device is connected to the source device; and causing the one or more actions to be performed to prevent access to the source device. 14. The computer storage media of claim 13 , wherein evaluating one or more communications that are passed within the display device driver stack comprises evaluating one or more DXGK_CHILD_STATUS structures. 15. The computer storage media of claim 13 , wherein the one or more actions include one or more of: disabling keyboard input; disabling mouse input; disabling human interface device (HID) input; restarting the source device; shutting down the source device; displaying a lockout screen on the display device; stopping a kernel of an operating system on the source device; or sending an alert to an administrator. 16. The computer storage media of claim 13 , wherein the identifier comprises a serial number of the display device. 17. The computer storage media of claim 13 , wherein sending one or more requests for EDID of the display device comprises calling a function provided by another driver loaded on the display device stack. 18. A method for securing a source device when an untrusted display device is connected to the source device, the method comprising: detecting, by a display device filter that includes a display device filter driver that is loaded on a display device driver stack on a source device, that a display device has been connected to the source device by evaluating one or more communications that are passed within the display device driver stack, the one or more communications identifying that the display device has been connected to a particular video output of the source device; retrieving, by the display device filter, an identifier from Extended Display Identification Data (EDID) of the display device; accessing, by the display device filter, one or more configuration files to determine whether the retrieved identifier is an identifier of a trusted display device; when it is determined that the retrieved identifier is not an identifier of a trusted display device, accessing, by the display device filter, the one or more configuration files to identify one or more actions to be performed when an untrusted display device is connected to the source device; and causing, by the display device filter, the one or more actions to be performed on the source device to prevent access to the source device. 19. The method of claim 18 , wherein the display device filter also includes a user mode service.