Mitigations for potentially compromised electronic devices

摘要

An electronic device may be reported as potentially compromised (e.g., by a user or by the electronic device itself). An instruction to initiate remediation of the electronic device may be queued. Upon reaching the end of the queue, the instruction is transmitted to the electronic device to initiate remediation of the electronic device. The instruction is received by the electronic device. The remediation policy is performed, which may include performing operations such as deleting an encryption key, deleting data, disabling a login capability, disabling a boot up functionality, disabling a function associated with the electronic device, transmitting data from the electronic device, transmitting a message from the electronic device, or generating information that indicates of a user of the electronic device.

主权项

1. A method in a management system, comprising:
receiving an indication over a communication network that an electronic device remote from the management system is at least potentially compromised; queuing an instruction to initiate remediation of the electronic device; receiving the instruction from the queue; retrieving contact information for the electronic device; retrieving a remediation policy for the electronic device; transmitting the instruction to the electronic device according to the retrieved contact information with the retrieved remediation policy to initiate remediation of the electronic device; receiving an indication over the communication network that the electronic device is not potentially compromised; and transmitting a second instruction to the electronic device over the communication network to initiate recovery of the electronic device.