Offline data delete with false trigger protection
First Claim
1. A method for protecting data stored on an electronic device from access by an illegitimate user, the method comprising:
- establishing a first communication between an agent installed in the electronic device and a remote server;
- subsequently, determining that a second communication has not been established between the agent and the remote server within a predetermined period of time for establishing a communication between the agent and the remote server;
- in response to determining that the second communication has not been established within the predetermined period of time, displaying a password prompt;
- waiting until entry of a password by a user in response to the password prompt;
- detecting said entry of the password; and
- subsequently, processing the entry of the password by a process that comprises;
- if the password is valid, setting a timer to measure a further predetermined period of time for establishing the second communication between the agent and the remote server;
- if the password is not valid, determining whether a threshold number of invalid password entry attempts have occurred in response to the password prompt, the threshold being greater than one; and
- if the threshold number of invalid password entry attempts is reached, executing a data protection policy that causes data on the electronic device to be protected, wherein the data protection policy is executed only if the threshold number of invalid password entry attempts is reached, after and not during said waiting.
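
The control flow recited in claim 1, written as a small state machine. This is an added example, not code from the patent or from any product; the class and function names, the PBKDF2 verifier, dismissing the prompt on a completed check-in, and restarting the invalid-attempt count with each new prompt are assumptions.

```python
import hashlib, hmac, os
from enum import Enum, auto

class State(Enum):
    MONITORING = auto()  # timer running, waiting for the next agent check-in
    PROMPTING = auto()   # check-in overdue: prompt shown, waiting indefinitely
    PROTECTED = auto()   # data protection policy has run

def make_verifier(password: str):
    """Keep only a salted PBKDF2 hash and compare in constant time."""
    salt = os.urandom(16)
    kdf = lambda p: hashlib.pbkdf2_hmac("sha256", p.encode(), salt, 100_000)
    ref = kdf(password)
    return lambda entry: hmac.compare_digest(kdf(entry), ref)

class OfflineProtector:
    def __init__(self, period, further_period, threshold, verify, policy, now=0.0):
        if threshold <= 1:
            raise ValueError("threshold must be greater than one")
        self.period, self.further_period = period, further_period
        self.threshold, self.verify, self.policy = threshold, verify, policy
        self.state, self.invalid, self.deadline = State.MONITORING, 0, now + period

    def on_checkin(self, now):
        # Assumption: a completed check-in also dismisses an open prompt.
        if self.state is not State.PROTECTED:
            self.state, self.invalid = State.MONITORING, 0
            self.deadline = now + self.period
        return self.state

    def tick(self, now):
        # Expiry only raises the prompt; an unanswered prompt never runs the policy.
        # Assumption: the invalid-attempt count restarts with each new prompt.
        if self.state is State.MONITORING and now >= self.deadline:
            self.state, self.invalid = State.PROMPTING, 0
        return self.state

    def on_password(self, now, entry):
        if self.state is not State.PROMPTING:
            return self.state
        if self.verify(entry):
            self.state = State.MONITORING
            self.deadline = now + self.further_period
        else:
            self.invalid += 1
            if self.invalid >= self.threshold:
                self.policy()  # the only call site of the policy
                self.state = State.PROTECTED
        return self.state
```

The false-trigger protection is visible in `tick()`: a device that is merely offline and unattended stays in `PROMPTING` however much time passes, and only repeated invalid entries reach the policy.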
Abstract
Systems and methods for protecting data stored on an electronic device from access by an illegitimate user are presented. The data is protected by activating an offline data delete module installed in the electronic device to conditionally delete the data according to the following criteria: after establishing a first communication between an agent installed in the electronic device and a remote server, obtaining a password from a user if a second communication is not established between the agent and the remote server within a predetermined period of time. After obtaining a password from the user, deleting at least some data stored on the electronic device after a second communication is not established between the agent and the remote server within the predetermined period of time and a predetermined number of incorrect passwords has been obtained.
19 Claims
8. An electronic device comprising a memory for the storage of data, an output interface, an input interface, an agent, and an offline data protection module, wherein the agent is configured to communicate with a remote server and the offline data protection module is configured to:
- establish a first communication between an agent installed in the electronic device and a remote server;
- subsequently, determine that a second communication has not been established between the agent and the remote server within a predetermined period of time for establishing a communication between the agent and the remote server;
- in response to determining that the second communication has not been established within the predetermined period of time, display a password prompt;
- wait until entry of a password by a user in response to the password prompt;
- detect said entry of the password; and
- subsequently, process the entry of the password by a process that comprises;
- if the password is valid, setting a timer to measure a further predetermined period of time for establishing the second communication between the agent and the remote server;
- if the password is not valid, determining whether a threshold number of invalid password entry attempts have occurred in response to the password prompt, the threshold being greater than one; and
- if the threshold number of invalid password entry attempts is reached, executing a data protection policy that causes data on the electronic device to be protected, wherein the data protection policy is executed only if the threshold number of invalid password entry attempts is reached, after and not during said waiting.
16. A non-transitory computer-readable medium carrying computer-executable instructions which, when executed on an electronic device comprising a processor and a memory, the memory storing data to be protected from unauthorized access, carry out a method comprising:
- establishing a first communication between an agent on the electronic device and a remote server;
- outputting to a user a request for a password if a second communication is not established between the agent and the remote server within a predetermined period of time for establishing a communication between the agent and the remote server;
- waiting for the user to enter a password in response to the request;
- detecting user entry of a password in response to the request; and
- subsequently, processing the entry of the password by a process that comprises;
- if the password is valid, setting a timer to measure a further predetermined period of time for establishing the second communication between the agent and the remote server;
- if the password is not valid, determining whether a threshold number of invalid password entry attempts have occurred in connection with the request, the threshold being greater than one; and
- if the threshold number of invalid password entry attempts is reached, executing a data protection policy that causes data on the electronic device to be protected, wherein the data protection policy is executed only if the threshold number of invalid password entry attempts is reached, after and not during said waiting.
17. A non-transitory computer-readable medium having stored thereon executable code that directs an electronic device to perform a method that comprises:
- determining that the electronic device has failed to communicate with a designated remote system for a predetermined period of time;
- displaying, in connection with said failure to communicate for the predetermined period of time, a prompt for user entry of authentication information; and
- waiting until entry of authentication information by a user in response to the prompt;
- detecting said entry of the authentication information; and
- subsequently, processing the entry of the authentication information by a process that comprises;
- if the authentication information is valid, setting a timer to measure a further predetermined period of time for establishing the communication between the electronic device and the remote server;
- if the authentication information is not valid, determining whether a threshold number of invalid authentication information entry attempts have occurred in response to the prompt, the threshold being greater than one; and
- if the threshold number of invalid authentication information entry attempts is reached, executing a data protection policy that causes data on the electronic device to be protected, wherein the data protection policy is executed only if the threshold number of invalid authentication information entry attempts is reached, after and not during said waiting.
Specification