| 摘要 |
Methods, systems, apparatuses, and computer program products are provided for remediating suspected attempted security breaches. For example, a method is provided that includes receiving information regarding at least one authentication attempt and determining, based at least in part on the information regarding the at least one authentication attempt, whether the at least one authentication attempt comprises a suspected attempted security breach. The method further includes causing, in an instance in which it is determined that the at least one authentication attempt comprises a suspected attempted security breach, at least one recording to be captured via at least one recording device communicatively coupled to the at least one processor and causing at least a portion of the at least one recording to be compared against at least one database. |
| 主权项 |
1. A method for controlling access to a computing device, comprising:
defining, by an enterprise using a remote compliance server, a plurality of geofence boundaries of known suspicious locations; creating, at the remote compliance server, a plurality of compliance rules that define:
restrictions for authenticating to the computing device within one of the plurality of geofence boundaries; andrestrictions that define a manner in which the computing device must be operated to gain access to resources of the enterprise, the computing device being a user device; installing, at the computing device, an agent application configured to monitor operation of the computing device; receiving, from the compliance server by the agent application executing on the computing device, the plurality of compliance rules; receiving information regarding at least one authentication attempt; determining, using at least one processor, based at least in part on the information regarding the at least one authentication attempt, whether the at least one authentication attempt comprises a suspected attempted security breach on the computing device; and in an instance in which it is determined that the at least one authentication attempt comprises a suspected attempted security breach:
causing at least one recording to be captured via at least one recording device communicatively coupled to the at least one processor,causing at least a portion of the at least one recording to be compared against at least one database, the database comprising information regarding at least one person,transmitting a command to the agent application executing on the computing device to turn on a global positioning sensor on the computing device in response to determining that the at least one authentication attempt comprises a suspected attempted security breach;determining whether the computing device is located within one of the defined geofence boundaries identifying a suspicious location, based on a location of the computing device determined using the global positioning sensor,transmitting the location of the computing device to the remote compliance server;locking the computing device and initiating a countdown timer when the comparison indicates a suspected attempted security breach and when the computing device is within one of the defined geofence boundaries, andautomatically wiping data from the computing device when the countdown timer expires without completing a successful authentication attempt. |
