POLICY-BASED COMPLIANCE MANAGEMENT AND REMEDIATION OF DEVICES IN AN ENTERPRISE SYSTEM
First Claim
1. A method comprising:
identifying a compliance policy for using a remote device with an enterprise computer system, wherein the remote device is registered to access the enterprise computer system;
detecting, based on the compliance policy, a non-compliance of the remote device;
assessing, by a computer system, based on the compliance policy, a level of non-compliance of the remote device;
establishing, based on the compliance policy and the level of non-compliance, a time period for remediation of the non-compliance;
receiving a request to access a computing resource in the enterprise computer system;
providing access to the computing resource based on the level of non-compliance;
inhibiting access to the computing resource in the enterprise computer system based on the level of non-compliance and based on determining that the time period has expired; and
instructing the remote device to perform an action to remedy the non-compliance based on determining that the time period has expired.
Abstract
The present disclosure relates generally to managing compliance of remote devices that access an enterprise system. More particularly, techniques are disclosed for using a compliance policy to manage remediation of non-compliances of remote devices that access an enterprise system. A device access management system may be implemented to automate remediation of non-compliances of remote devices accessing an enterprise system. Remediation may be controlled based on different levels of non-compliance, each defined by one or more different non-compliances. In some embodiments, a level of non-compliance may be conditionally defined by one or more user roles for which non-compliance is assessed. Access to computing resources of an enterprise system may be controlled for a remote device based on compliance of the remote device. Access may be inhibited for those resources not permitted during a time period of a non-compliance.
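An added sketch, not taken from the patent or from any product it describes, of the access decision outlined in the first claim and the abstract: each non-compliance maps to a level (optionally by user role), each level carries a remediation period and the resources still permitted during it, and expiry blocks access and yields a remediation instruction. All level names, periods, resources, role overrides and action names are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample policy; the page defines none of these names or values.
POLICY = {
    "levels": {  # level -> remediation period and resources allowed during it
        "minor": {"grace": timedelta(days=7), "allowed": {"email", "wiki"}},
        "major": {"grace": timedelta(hours=24), "allowed": {"email"}},
        "severe": {"grace": timedelta(0), "allowed": set()},
    },
    "rules": {  # non-compliance -> level, conditionally overridden by user role
        "os_outdated": {"default": "minor", "roles": {"admin": "major"}},
        "no_passcode": {"default": "major", "roles": {}},
        "jailbroken": {"default": "severe", "roles": {}},
    },
    "remedies": {  # action the device is instructed to perform after expiry
        "os_outdated": "install_update",
        "no_passcode": "enforce_passcode",
        "jailbroken": "remove_enterprise_profile",
    },
}

@dataclass
class Device:
    role: str
    findings: dict  # non-compliance name -> datetime it was first detected

def decide(device, resource, now, policy=POLICY):
    """Return (allow, remediation_actions) for one access request."""
    allow, actions = True, []
    for name, detected in device.findings.items():
        rule = policy["rules"].get(name)
        if rule is None:  # finding the policy does not know: fail closed
            allow = False
            continue
        level = rule["roles"].get(device.role, rule["default"])
        tier = policy["levels"][level]
        if now >= detected + tier["grace"]:
            # Remediation period expired: inhibit access, instruct the device.
            allow = False
            actions.append(policy["remedies"][name])
        elif resource not in tier["allowed"]:
            # Still inside the period, but this resource is not permitted.
            allow = False
    return allow, sorted(actions)

if __name__ == "__main__":
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed timestamp
    dev = Device("employee", {"os_outdated": t0})
    print(decide(dev, "email", t0 + timedelta(days=1)))
    print(decide(dev, "email", t0 + timedelta(days=8)))
```

Evaluating every finding independently means a device with several non-compliances is held to the strictest outcome among them, and only the findings whose period has expired produce remediation actions.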
20 Claims
1. A method comprising:
identifying a compliance policy for using a remote device with an enterprise computer system, wherein the remote device is registered to access the enterprise computer system;
detecting, based on the compliance policy, a non-compliance of the remote device;
assessing, by a computer system, based on the compliance policy, a level of non-compliance of the remote device;
establishing, based on the compliance policy and the level of non-compliance, a time period for remediation of the non-compliance;
receiving a request to access a computing resource in the enterprise computer system;
providing access to the computing resource based on the level of non-compliance;
inhibiting access to the computing resource in the enterprise computer system based on the level of non-compliance and based on determining that the time period has expired; and
instructing the remote device to perform an action to remedy the non-compliance based on determining that the time period has expired.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15

16. A system comprising:
one or more processors; and
a memory storing instructions that, when executed by the one or more processors, cause the one or more processors to:
identify a compliance policy for using a remote device with an enterprise computer system, wherein the remote device is registered to access the enterprise computer system;
detect, based on the compliance policy, a non-compliance of the remote device;
assess, by a computer system, based on the compliance policy, a level of non-compliance of the remote device;
establish, based on the compliance policy and the level of non-compliance, a time period for remediation of the non-compliance;
receive a request to access a computing resource in the enterprise computer system;
provide access to the computing resource based on the level of non-compliance;
inhibit access to the computing resource in the enterprise computer system based on the level of non-compliance and based on determining that the time period has expired; and
instruct the remote device to perform an action to remedy the non-compliance based on determining that the time period has expired.
Dependent claims: 17

18. A method comprising:
identifying a compliance policy for using a remote device with an enterprise computer system, wherein the remote device is registered to access the enterprise computer system;
detecting, by a computer system, a non-compliance of the remote device based on the compliance policy;
categorizing the non-compliance into a level of non-compliance based on the compliance policy and establishing a time period for remediation of the non-compliance;
allowing access to a first computing resource in the enterprise computer system despite the level of non-compliance;
inhibiting access to a second computing resource in the enterprise computer system based on the level of non-compliance;
determining that the time period has passed;
inhibiting access to the first computing resource in the enterprise computer system based on the level of non-compliance and based on determining that the time period has passed; and
transmitting a message to the remote device based on determining that the time period has passed, wherein the message instructs the remote device to automatically remedy the non-compliance.
Dependent claims: 19, 20
Specification