| 主权项 |
1. A computer program product embodied in a non-transitory computer readable medium that, when executing on a client computing facility, performs the steps of:
obtaining security compliance information from a security policy resident at a server location, wherein the server location is a threat management facility remote from the client computing facility and accessible by the client computing facility through a data network; determining a security compliance state of the client computing facility by comparing the security compliance information with configuration information of the client computing facility; identifying external storage devices that are external to the client computing facility and locally coupled in a communicating relationship to the client computing facility through a local device port selected from a group consisting of a USB port, a Firewire port, a WiFi port, a serial port, and a parallel port; and when the security compliance state indicates that the client computing facility is in an out of compliance condition according to the security compliance information from the security policy resident at the server location, blocking communications between the client computing facility and the external storage devices thereby preventing files from being written to or executed from the external storage devices. |
