| 发明名称 | Protecting sensitive information from a secure data store | ||
| 摘要 | In embodiments of the present invention improved capabilities are described for the steps of receiving an indication that a computer facility has access to a secure data store, causing a security parameter of a storage medium local to the computer facility to be assessed, determining if the security parameter is compliant with a security policy relating to computer access of the remote secure data store, and in response to an indication that the security parameter is non-compliant, cause the computer facility to implement an action to prevent further dissemination of information, to disable access to network communications, to implement an action to prevent further dissemination of information, and the like. | ||
| 申请公布号 | US9426179(B2) | 申请公布日期 | 2016.08.23 |
| 申请号 | US200912405642 | 申请日期 | 2009.03.17 |
| 申请人 | Sophos Limited | 发明人 | Keene David P.;Donley Daryl E. |
| 分类号 | H04L29/06;G06F21/88;G06F21/62;H04W12/08;H04W12/06 | 主分类号 | H04L29/06 |
| 代理机构 | Strategic Patents, P.C. | 代理人 | Strategic Patents, P.C. |
| 主权项 | 1. A computer program product embodied in a non-transitory computer readable medium that, when executing on a threat management facility, performs steps comprising: storing a security policy for controlling access by a network endpoint to an encrypted remote secure data store, the security policy requiring a removable data store locally connected to the network endpoint through an external port to meet one or more security requirements for identification as a secure data store, wherein the one or more security requirements include a requirement that the removable data store be encrypted; receiving an indication at the threat management facility that an endpoint has access to the encrypted remote secure data store; auditing the endpoint to determine whether a security parameter of a first removable data store locally connected to the endpoint through the external port is compliant with the one or more requirements for identification as a secure data store; and causing the endpoint to implement an action to regulate dissemination by the endpoint of data from the encrypted remote secure data store in response to a determination that the security parameter of the first removable data store locally connected to the endpoint through the external port is non-compliant, the action comprising disabling network communications other than communication between the threat management facility and the endpoint, including at least communications between the endpoint and the encrypted remote secure data store. | ||
| 地址 | Abingdon GB | ||