COMPUTER SECURITY LOCK DOWN METHODS
First Claim
Patent Images
1. A computer program product embodied in a computer readable medium that, when executing on one or more computers, assesses a security compliance state of a client computing facility by performing the steps of:
- accessing security compliance information derived from a security policy resident at a server location;
determining a security compliance state by comparing the security compliance information with the client computing facility'"'"'s configuration information; and
when the security compliance state indicates that the client computing facility is in an out of compliance condition, blocking the client computing facility from communicating information to external storage devices in communication with the client computing facility.
9 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present invention extend the enforcement of computer security policies by blocking device access as well as network access. In some embodiments, communications with external devices are blocked upon discovery that some aspect of the client computing facility is out of compliance vis-à-vis a security policy.
75 Citations
24 Claims
-
1. A computer program product embodied in a computer readable medium that, when executing on one or more computers, assesses a security compliance state of a client computing facility by performing the steps of:
-
accessing security compliance information derived from a security policy resident at a server location; determining a security compliance state by comparing the security compliance information with the client computing facility'"'"'s configuration information; and when the security compliance state indicates that the client computing facility is in an out of compliance condition, blocking the client computing facility from communicating information to external storage devices in communication with the client computing facility. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer program product embodied in a computer readable medium that, when executing on one or more computers, assesses a security compliance state of a client computing facility by performing the steps of:
-
accessing security compliance information derived from a security policy resident at a server location; comparing the security compliance information with the client computing facility'"'"'s configuration information; and in response to determining that the security compliance state is not in compliance with the security policy, blocking the client computing facility from receiving any information from external storage devices in communication with the client computing facility. - View Dependent Claims (18, 19, 20)
-
-
21. A computer program product embodied in a computer readable medium that, when executing on one or more computers, protects a client computing facility from external threats by performing the steps of:
blocking communications from local external devices upon the discovery that a security software operating on the client computing facility is out of compliance. - View Dependent Claims (22)
-
23. A computer program product embodied in a computer readable medium that, when executing on one or more computers, prevents confidential data leakage from a client computing facility by performing the steps of:
in response to detecting unauthorized confidential information on the client computing facility, blocking communication to all local external devices. - View Dependent Claims (24)
Specification