Detection of offline attempts to circumvent security policies
First Claim
Patent Images
1. A system, comprising:
- a computing device comprising a processor and a memory;
a first application comprising machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least;
monitor a second application to detect a deletion of a user account initiated locally on the computing device, wherein the user account is associated with an enrollment of the computing device with a management service;
identify data subject to a policy received from the management service;
delete the data from the memory of the computing device; and
delete a value for a setting of the computing device, wherein the value for the setting was previously set to place the computing device in compliance with the policy.
2 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are approaches for detecting attempts to circumvent security policies on a client device. A deletion of a user account on a computing device is detected, wherein the deletion is initiated locally on the computing device and the user account is associated with an enrollment of the computing device with a management service. Data stored in a memory of the computing device that is subject to a policy received from the management service is identified. The data is deleted from the memory of the computing device. The policy is then deleted from the memory of the computing device.
-
Citations
20 Claims
-
1. A system, comprising:
-
a computing device comprising a processor and a memory; a first application comprising machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least; monitor a second application to detect a deletion of a user account initiated locally on the computing device, wherein the user account is associated with an enrollment of the computing device with a management service; identify data subject to a policy received from the management service; delete the data from the memory of the computing device; and delete a value for a setting of the computing device, wherein the value for the setting was previously set to place the computing device in compliance with the policy. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
monitoring an application executing in a computing device to detect a deletion of a user account on a computing device by the application, wherein the deletion is initiated locally on the computing device and the user account is associated with an enrollment of the computing device with a management service; identifying data stored in a memory of the computing device that is subject to a policy received from the management service; deleting the data from the memory of the computing device; and deleting a value for a setting of the computing device, wherein the value for the setting was previously set to place the computing device in compliance with the policy. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A non-transitory computer readable medium comprising machine readable instructions that, when executed by a processor of a computing device, cause the computing device to at least:
-
monitor an application to detect a deletion of a user account on the computing device initiated with the application, wherein the deletion is initiated locally on the computing device and the user account is associated with an enrollment of the computing device with a management service; identify data stored in a memory of the computing device that is subject to a policy received from the management service; delete the data from the memory of the computing device; and delete a value for a setting of the computing device, wherein the value for the setting was previously set to place the computing device in compliance with the policy. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification