Just-in-time encryption

  • US 10,628,597 B2
  • Filed: 04/14/2016
  • Issued: 04/21/2020
  • Est. Priority Date: 04/14/2016
  • Status: Active Grant
First Claim

1. A computer program product for just-in-time encryption of files detected on an endpoint, the computer program product comprising computer executable code embodied in a nontransitory computer readable medium that, when executing on one or more computing devices, performs the steps of:

  • adding a file system extension to the endpoint, the file system extension providing use of a key to access files whenever a security state of the endpoint is not compromised and withholding use of the key whenever the security state of the endpoint is compromised;

  • for a plurality of unsecure files existing on the endpoint, initializing encryption of the plurality of unsecure files with a background process using the key when the file system extension is added to the endpoint to provide a plurality of encrypted files;

  • monitoring the security state of the endpoint;

  • providing access to the plurality of encrypted files by a process other than the background process executing on the endpoint using the file system extension;

  • detecting an access, by the process, to a new file not yet encrypted by the background process with the key for secure use on the endpoint;

  • if the security state of the endpoint is not compromised, encrypting the new file with the background process using the key immediately upon detecting the access by the process to add the new file the plurality of encrypted files; and

  • if the security state of the endpoint is compromised, deleting the key from the endpoint to prevent access by the process to the plurality of encrypted files, initiating a remediation of the endpoint, and in response to successful remediation of the endpoint, recovering the key to the endpoint from a remote key management system.
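
A small model of the flow the claim describes, added here as an illustration and not taken from the patent or from any product. `Endpoint`, `RemoteKMS`, `keystream_xor` and the sample files are hypothetical, and the SHA-256 keystream is a stand-in for a real authenticated cipher.

```python
import hashlib, secrets

def keystream_xor(key: bytes, name: str, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 keystream, file name as nonce); real code needs an AEAD."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + name.encode() + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

class RemoteKMS:  # hypothetical remote key management system
    def __init__(self):
        self._key = secrets.token_bytes(32)
    def recover(self) -> bytes:
        return self._key

class Endpoint:
    def __init__(self, kms, files):
        self.kms, self.key, self.compromised = kms, kms.recover(), False
        self.files = {n: [False, d] for n, d in files.items()}  # [encrypted?, bytes]
    def _encrypt(self, name):
        rec = self.files[name]
        if not rec[0]:
            rec[0], rec[1] = True, keystream_xor(self.key, name, rec[1])
    def background_encrypt(self):  # initial pass over existing unsecure files
        for name in self.files:
            self._encrypt(name)
    def read(self, name) -> bytes:  # models the file system extension
        if self.compromised or self.key is None:
            raise PermissionError("key withheld: endpoint compromised")
        self._encrypt(name)  # just-in-time: unencrypted file is encrypted on access
        return keystream_xor(self.key, name, self.files[name][1])
    def mark_compromised(self):  # called by whatever monitors security state
        self.compromised, self.key = True, None  # key deleted from the endpoint
    def remediate(self):  # on successful remediation, recover key from the KMS
        self.compromised, self.key = False, self.kms.recover()

def demo():
    ep = Endpoint(RemoteKMS(), {"a.txt": b"alpha"})  # constructed sample file
    ep.background_encrypt()
    ep.files["new.txt"] = [False, b"fresh"]  # arrives after the initial pass
    first, jit = ep.read("new.txt"), ep.files["new.txt"][0]
    ep.mark_compromised()
    try:
        ep.read("a.txt")
        blocked = False
    except PermissionError:
        blocked = True
    ep.remediate()
    return first, jit, blocked, ep.read("a.txt")
```

`demo()` returns the plaintext of the new file, whether it was encrypted on first access, whether reads were blocked while the endpoint was marked compromised, and the plaintext read back after the key is recovered.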
