Computer security lock down methods

US 9,015,789 B2
Filed: 03/17/2009
Issued: 04/21/2015
Est. Priority Date: 03/17/2009
Status: Active Grant

First Claim

Patent Images

1. A computer program product embodied in a non-transitory computer readable medium that, when executing on a client computing facility, performs the steps of:

obtaining security compliance information from a security policy resident at a server location, wherein the server location is a threat management facility remote from the client computing facility and accessible by the client computing facility through a data network;

determining a security compliance state of the client computing facility by comparing the security compliance information with configuration information of the client computing facility;

identifying external storage devices that are external to the client computing facility and locally coupled in a communicating relationship to the client computing facility through a local device port selected from a group consisting of a USB port, a Firewire port, a WiFi port, a serial port, and a parallel port; and

when the security compliance state indicates that the client computing facility is in an out of compliance condition according to the security compliance information from the security policy resident at the server location, blocking communications between the client computing facility and the external storage devices thereby preventing files from being written to or executed from the external storage devices.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention extend the enforcement of computer security policies by blocking device access as well as network access. In some embodiments, communications with external devices are blocked upon discovery that some aspect of the client computing facility is out of compliance vis-à-vis a security policy.

Citations

19 Claims

1. A computer program product embodied in a non-transitory computer readable medium that, when executing on a client computing facility, performs the steps of:
- obtaining security compliance information from a security policy resident at a server location, wherein the server location is a threat management facility remote from the client computing facility and accessible by the client computing facility through a data network;
  
  determining a security compliance state of the client computing facility by comparing the security compliance information with configuration information of the client computing facility;
  
  identifying external storage devices that are external to the client computing facility and locally coupled in a communicating relationship to the client computing facility through a local device port selected from a group consisting of a USB port, a Firewire port, a WiFi port, a serial port, and a parallel port; and
  
  when the security compliance state indicates that the client computing facility is in an out of compliance condition according to the security compliance information from the security policy resident at the server location, blocking communications between the client computing facility and the external storage devices thereby preventing files from being written to or executed from the external storage devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The computer program product of claim 1, wherein the step of blocking the client computing facility from communicating information to external storage devices involves blocking communication to all external ports of the client computing facility.
  - 3. The computer program product of claim 2, wherein at least one of the external ports is a USB port.
  - 4. The computer program product of claim 2, wherein at least one of the external ports is a serial port.
  - 5. The computer program product of claim 2, wherein at least one of the external ports is a parallel port.
  - 6. The computer program product of claim 2, wherein at least one of the external ports is a Bluetooth communication port.
  - 7. The computer program product of claim 2, wherein at least one of the external ports is a disk drive port.
  - 8. The computer program product of claim 1, wherein the external storage device is a removable memory device.
  - 9. The computer program product of claim 1, wherein the out of compliance condition involves an unapproved configuration.
  - 10. The computer program product of claim 1, wherein the out of compliance condition involves a lack of a proper disk scan for malware.
  - 11. The computer program product of claim 1, wherein the out of compliance condition involves a lack of an updated operating system.
  - 12. The computer program product of claim 1, wherein the out of compliance condition involves a lack of an updated virus definition.
  - 13. The computer program product of claim 1, wherein the out of compliance condition involves a lack of an updated virus policy.
  - 14. The computer program product of claim 1, wherein the out of compliance condition involves a lack of an installed operating system patch.
  - 15. The computer program product of claim 1, wherein the out of compliance condition involves a lack of an installed application patch.
  - 16. The computer program product of claim 1, further comprising:
    - in response to the determination that the security compliance state is not in compliance, blocking the client computing facility from communicating information to any device connected to a network communication port.
  - 17. The computer program product of claim 1, wherein blocking communications between the external storage devices and the client computing facility includes blocking transfers of data from one of the external storage devices to the client computing facility.
  - 18. The computer program product of claim 1, wherein blocking communications between the external storage devices and the client computing facility includes blocking transfers of data from the client computing facility to one of the external storage devices.
  - 19. The computer program product of claim 1, wherein blocking communications between the external storage devices and the client computing facility includes blocking transfers of data from the client computing facility to the external storage devices and from the external storage devices to the client computing facility.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sophos Limited (Sophos Group Ltd.)
Original Assignee
Sophos Limited (Sophos Group Ltd.)
Inventors
Thomas, Andrew J.
Primary Examiner(s)
Cervetti, David Garca
Assistant Examiner(s)
DOLLY, KENDALL LYNN

Application Number

US12/405,538
Publication Number

US 20100242088A1
Time in Patent Office

2,226 Days
Field of Search

726 3- 4, 726 24- 25
US Class Current

726/1
CPC Class Codes

G06F 21/554   involving event detection a...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

Computer security lock down methods

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Computer security lock down methods

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links