Enforcing restrictions on third-party accounts
First Claim
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device with memory, wherein when executed the program causes the at least one computing device with memory to at least:
- manage a plurality of third-party network site accounts for a plurality of users in an organization;
- determine that one of the plurality of users has requested access to a third-party network site, the third-party network site being operated by a third party that does not correspond to the organization;
- determine whether one of the plurality of third-party network site accounts is available for use by the one of the plurality of users for accessing the third-party network site;
- configure a client associated with one of the plurality of users to access the third-party network site using a security credential corresponding to the one of the plurality of third-party network site accounts in response to determining that the one of the plurality of third-party network site accounts is available for use by the one of the plurality of users for accessing the third-party network site, wherein the security credential is inaccessible to the one of the plurality of users;
- inspect network traffic between the client and the third-party network site to determine whether the network traffic complies with a first rule restricting personal use of the one of the plurality of third-party network site accounts that is managed by the organization and a second rule blocking use of a third-party network site account that is unmanaged by the organization; and
- implement an action in response to determining that the network traffic does not comply with the first rule and the second rule.
Abstract
Disclosed are various embodiments for management of third-party accounts for users in an organization. Network traffic between a client and a third-party network site under management is inspected. The client is associated with a user in an organization. It is determined whether the network traffic corresponds to a managed account with the third-party network site. It is determined whether the network traffic complies with a rule established by the organization. An action is implemented in response to determining that the network traffic does not comply with the rule.
20 Claims
3. A system, comprising:
- at least one computing device with memory; and
- at least one application executable in the at least one computing device, wherein when executed the at least one application causes the at least one computing device to at least:
  - inspect network traffic between a client computing device and a third-party network site, wherein the network traffic is under management and monitored by an organization, the client computing device being associated with a user in the organization, the third-party network site being operated by a third party that does not correspond to the organization;
  - determine whether the network traffic corresponds to account-based usage of the third-party network site;
  - determine whether the account-based usage represented in the network traffic complies with a first rule established by the organization that restricts personal use of a first account managed by the organization and a second rule established by the organization that blocks the account-based usage corresponding to a second account that is not managed by the organization; and
  - implement an action in response to determining that the account-based usage does not comply with the first rule or the second rule.
16. A method, comprising:
- inspecting, via at least one of one or more computing devices with memory, network traffic between a client computing device and a third-party network site, wherein the network traffic is under management and monitored by an organization, the client computing device being associated with a user in the organization, the third-party network site being operated by a third party that does not correspond to the organization;
- determining, via at least one of the one or more computing devices, whether the network traffic corresponds to account-based usage of the third-party network site;
- determining, via at least one of the one or more computing devices, whether the account-based usage represented in the network traffic complies with a first rule established by the organization that restricts personal use of a first account managed by the organization and a second rule established by the organization that blocks the account-based usage corresponding to a second account that is not managed by the organization; and
- implementing, via at least one of the one or more computing devices, an action in response to determining that the account-based usage does not comply with the first rule or the second rule.
Specification