Incremental compliance remediation
First Claim
Patent Images
1. A method, comprising:
- receiving, using at least one computing device, a request from a client device to access a first networked resource;
determining, using the at least one computing device, that a second networked resource is associated with accessing the first networked resource for the client device based on a resource group identifier, the resource group identifier being associated with a pairing of a user credential and a device identifier associated with the client device;
associating, using the at least one computing device, a compliance rule with the client device based on the resource group identifier, the compliance rule being associated with the first networked resource and the second networked resource;
determining, using the at least one computing device, whether the compliance rule is violated;
responsive to determining that the compliance rule is violated, determining, using the at least one computing device, whether the compliance rule is associated with an alternative setting that is more stringent than a current setting associated with the client device;
responsive to determining that the compliance rule is associated with the alternative setting that is more stringent than the current setting associated with the client device, changing, using the at least one computing device, the current setting to the alternative setting, wherein changing the current setting to the alternative setting comprises increasing a password complexity requirement, wherein increasing the password complexity requirement causes access to at least one of the client device, a network, a client device resource, or a network resource to be restricted until a user of the client device has configured a new password that complies with the password complexity requirement; and
responsive to determining that the compliance rule is not associated with the alternative setting that is more stringent than the current setting associated with the client device, causing, using the at least one computing device, access to at least one of the client device, the network, the client device resource, or the network resource to be restricted.
2 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for enforcing device compliance parameters by inhibiting access to devices, networks or resources. Methods may include associating a compliance rule with a client device. If the compliance rule is violated, a setting associated with the client device may be altered. The altered setting may inhibit access to the client device, a network, a client device resource and/or a network resource. For example, necessary password complexities may be increased, password lifetimes may be decreased and/or resources may be restricted based on a geofence, a time of day and/or a day of the week.
157 Citations
20 Claims
-
1. A method, comprising:
-
receiving, using at least one computing device, a request from a client device to access a first networked resource; determining, using the at least one computing device, that a second networked resource is associated with accessing the first networked resource for the client device based on a resource group identifier, the resource group identifier being associated with a pairing of a user credential and a device identifier associated with the client device; associating, using the at least one computing device, a compliance rule with the client device based on the resource group identifier, the compliance rule being associated with the first networked resource and the second networked resource; determining, using the at least one computing device, whether the compliance rule is violated; responsive to determining that the compliance rule is violated, determining, using the at least one computing device, whether the compliance rule is associated with an alternative setting that is more stringent than a current setting associated with the client device; responsive to determining that the compliance rule is associated with the alternative setting that is more stringent than the current setting associated with the client device, changing, using the at least one computing device, the current setting to the alternative setting, wherein changing the current setting to the alternative setting comprises increasing a password complexity requirement, wherein increasing the password complexity requirement causes access to at least one of the client device, a network, a client device resource, or a network resource to be restricted until a user of the client device has configured a new password that complies with the password complexity requirement; and responsive to determining that the compliance rule is not associated with the alternative setting that is more stringent than the current setting associated with the client device, causing, using the at least one computing device, access to at least one of the client device, the network, the client device resource, or the network resource to be restricted. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computing device, comprising:
-
a processor; and a storage device accessible to the processor, wherein the storage device comprises a plurality of program instructions that, upon execution by the processor, cause the processor to at least; receive a request from a client device to access a first networked resource; determine that a second networked resource is associated with accessing the first networked resource for the client device based on a resource group identifier, the resource group identifier being associated with a pairing of a user credential and a device identifier associated with the client device; associate a compliance rule with the client device based on the resource group identifier, the compliance rule being associated with the first networked resource and the second networked resource; detect whether the compliance rule is violated; in response to detecting that the compliance rule is violated, determine whether the compliance rule is associated with an alternative setting that is more stringent than a current setting; in response to determining that the compliance rule is associated with the alternative setting that is more stringent than the current setting, change the current setting to the alternative setting, wherein changing the current setting to the alternative setting comprises increasing a password complexity requirement, wherein increasing the password complexity requirement causes access to at least one of the computing device, a network, a computing device resource, or a network resource to be restricted until a new password that complies with the password complexity requirement has been created; and responsive to determining that the compliance rule is not associated with the alternative setting that is more stringent than the current setting associated with the client device, cause access to at least one of the client device, the network, the client device resource, or the network resource to be restricted. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A system comprising:
-
a server device comprising a processor; and a storage device that is accessible to the processor, wherein the storage device comprises program instructions that, upon execution by the processor, cause the processor to at least; receive a request from a client device to access a first networked resource; determine that a second networked resource is associated with accessing the first networked resource for the client device based on a resource group identifier, the resource group identifier being associated with a pairing of a user credential and a device identifier associated with the client device; transmit a compliance rule to the client device based on the resource group identifier, the compliance rule being associated with the first networked resource and the second networked resource; determine whether the client device is not in compliance with the compliance rule; in response to determining that the client device is not in compliance with the compliance rule, determine whether the compliance rule is associated with an alternative setting that is more stringent than a current setting for the client device; in response to determining that the compliance rule is associated with the alternative setting that is more stringent than the current setting for the client device, transmit an instruction for the client device to change the current setting to the alternative setting, wherein changing the current setting to the alternative setting comprises increasing a password complexity requirement, wherein increasing the password complexity requirement causes access to at least one of the client device, a network, a client device resource, or a network resource to be restricted until a new password that complies with the password complexity requirement has been created; and in response to determining that the compliance rule is not associated with the alternative setting that is more stringent than the current setting for the client device, cause access to at least one of the client device, the network, the client device resource, or the network resource to be restricted. - View Dependent Claims (17, 18, 19, 20)
-
Specification