Abstract: A system and associated methods are disclosed for tracking mobile electronic devices while conserving cellular network resources used for such tracking. The tracking may be performed for purposes of facilitating recovery of lost or stolen devices. To conserve network resources, different telephone numbers may be assigned depending upon the location of each device and the time of each call, and individual calls may be made only after a determination has been made that a telephone call is required. A determination that a telephone call is required may be made depending upon whether a protected electronic device had been reported lost or stolen, and/or whether an internet communication between the protected electronic device and a monitoring center has been made within a selected previous period of time. A dynamic schedule permits reserved telephone call slots to be freed up if not needed so that they can be used for devices that need the communication time.

Abstract: A device, method, system and computer readable medium are disclosed for the remote, intelligent capture of screenshots and keystrokes which can subsequently be transmitted with reduced bandwidth requirements.

Abstract: A tamper resistant servicing Agent for providing various services (e.g., data delete, firewall protection, data encryption, location tracking, message notification, and updating software) comprises multiple functional modules, including a loader module (CLM) that loads and gains control during POST, independent of the OS, an Adaptive Installer Module (AIM), and a Communications Driver Agent (CDA). Once control is handed to the CLM, it loads the AIM, which in turn locates, validates, decompresses and adapts the CDA for the detected OS environment. The CDA exists in two forms, a mini CDA that determines whether a full or current CDA is located somewhere on the device, and if not, to load the full-function CDA from a network; and a full-function CDA that is responsible for all communications between the device and the monitoring server. The servicing functions can be controlled by a remote server.

Abstract: A system for locating and monitoring electronic devices utilizing a security system that is secretly and transparently embedded within the computer. This security system causes the client computer to periodically and conditionally call a host system to report its serial number via an encoded series of dialed numbers. A host monitoring system receives calls from various clients and determines which calls to accept and which to reject by comparing the decoded client serial numbers with a predefined and updated list of numbers corresponding to reported stolen computers. The host also concurrently obtains the caller ID of the calling client to determine the physical location of the client computer. The caller ID and the serial number are subsequently transmitted to a notifying station in order to facilitate the recovery of the stolen device. The security system remains hidden from the user, and actively resists attempts to disable it.

Abstract: A system and method for controlling the surveillance conducted by lost or stolen electronic devices dependent upon the location of such electronic devices is provided. A data repository contains data that specifies, for each of a plurality of geographic regions (e.g. legal jurisdictions), a set of surveillance methods that are permissible in the respective region. At least some of the geographic regions have different respective sets of permissible surveillance methods than others. A computer system is operable to communicate with the devices over a computer network, and programmed to use received information regarding a location of a potentially lost or stolen device, in combination with the data in the computer data repository, to cause the potentially lost or stolen device to initiate surveillance according to the set of permissible surveillance methods (and/or other actions) corresponding to the location.

Abstract: A data protection system selectively deletes data from an electronic device when the device is reported as lost or stolen, or when another data protection triggering event occurs. Different data files may, for example, be treated differently depending on when such files were created. For example, data files that were created while the computing device was known to be in the owner's possession may be deleted, while data files created after the electronic device left the owner's possession may be left intact (since they may have been created by an innocent user). Data files created between these two points in time may be quarantined so that they later be restored, if appropriate.

Abstract: A system is disclosed that protects private data of users while permitting the monitoring or tracking of electronic devices that are shared for both business and private purposes. The electronic devices are configured to selectively encrypt location data, and/or other types of data, before such data is transmitted to a monitoring center. For example, data collected or generated on a user device outside of work hours may be encrypted with a private key of the device's user prior to transmission to the monitoring center, so that the data is not accessible to the employer. Data collected or generated during work hours may be transmitted without such encryption.

Abstract: A system for locating and monitoring electronic devices utilizing a security system that is secretly and transparently embedded within the computer. This security system causes the client computer to periodically and conditionally call a host system to report its serial number via an encoded series of dialed numbers. A host monitoring system receives calls from various clients and determines which calls to accept and which to reject by comparing the decoded client serial numbers with a predefined and updated list of numbers corresponding to reported stolen computers. The host also concurrently obtains the caller ID of the calling client to determine the physical location of the client computer. The caller ID and the serial number are subsequently transmitted to a notifying station in order to facilitate the recovery of the stolen device. The security system remains hidden from the user, and actively resists attempts to disable it.

Abstract: A database stores results of scans for wireless (e.g., Wi-Fi) access points, some of them directly associated with GPS coordinates. Mobile electronic devices detect access points, details of which are sent to the database. Contents of the database are analyzed for relations between the scanned access points and previously stored GPS coordinates. If a relation is found, the GPS coordinates are used for determining or estimating the location of the mobile device.

Abstract: Techniques for performing an action, based on the present location of a client, to protect resources of the client from theft or unauthorized access. A server may intermittently receive, from a client, location information such as GPS information, triangulation information based on one or more Wi-Fi access points, and IP trace information. The server may determine the client's location by (a) determining, for an interval of time, whether GPS information, triangulation information, and IP trace information are available for the client, and (b) based on the available GPS information, triangulation information, and IP trace information, determining the present location of the client, e.g., by determining a weighted arithmetic mean or by using a sequence of types of location information ordered based on accuracy. In response to following a security policy, the server may perform an action, specified by the security policy, based on the present location of the client.

Abstract: Electronic devices without device names are provided with an application for retrieving a data point from the device from which a name can be deduced. A match for the data point is searched for in the contacts list in the device, and when found, the name corresponding to the contact entry, in which the data point has been found, is used to derive the device name. The derived device name (or information from which the device name may be derived) may be transmitted to a remote server which may be used for managing multiple such devices.

Abstract: A profile manager application is installed in an electronic device that fetches configuration profiles for third party applications from a remote server. Using code libraries incorporated in the third party applications and URL based commands, the profile manager application communicates with the third party applications to configure them according to the corresponding configuration profiles, even though the third party applications are running in a sandboxed environment.

Abstract: Techniques for protecting resources of a client from theft or unauthorized access. A BIOS agent stores policy data within a BIOS of the client. The BIOS agent is one or more software modules operating in the BIOS of the client. The policy data describes one or more security policies which the client is to follow. In response to the client following at least one of the one or more security policies, a persistent storage medium of the client is locked by instructing a controller of the persistent storage medium to deny, to any entity, access to data stored on the persistent storage medium unless the entity supplies, to the controller, a recognized authentication credential. In this way, a malicious user without access to the recognized authentication credential cannot access the data stored on the persistent storage medium, even if the persistent storage medium is removed from the client.

Abstract: A system and method for controlling the surveillance conducted by lost or stolen electronic devices dependent upon the location of such electronic devices is provided. A data repository contains data that specifies, for each of a plurality of geographic regions (e.g. legal jurisdictions), a set of surveillance methods that are permissible in the respective region. At least some of the geographic regions have different respective sets of permissible surveillance methods than others. A computer system is operable to communicate with the devices over a computer network, and programmed to use received information regarding a location of a potentially lost or stolen device, in combination with the data in the computer data repository, to cause the potentially lost or stolen device to initiate surveillance according to the set of permissible surveillance methods (and/or other actions) corresponding to the location.

Abstract: A tamper resistant servicing Agent for providing various services (e.g., data delete, firewall protection, data encryption, location tracking, message notification, and updating software) comprises multiple functional modules, including a loader module (CLM) that loads and gains control during POST, independent of the OS, an Adaptive Installer Module (AIM), and a Communications Driver Agent (CDA). Once control is handed to the CLM, it loads the AIM, which in turn locates, validates, decompresses and adapts the CDA for the detected OS environment. The CDA exists in two forms, a mini CDA that determines whether a full or current CDA is located somewhere on the device, and if not, to load the full-function CDA from a network; and a full-function CDA that is responsible for all communications between the device and the monitoring server. The servicing functions can be controlled by a remote server.

Abstract: Techniques for securing a client. A BIOS agent stores policy data within a BIOS of the client. The BIOS agent is one or more software modules that execute in the BIOS of the client. The policy data describes one or more policies which the client should follow. When an operating system agent detects that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performs one or more actions specified by the particular policy, such as disabling the client, retrieving a file from the client, erasing a file from the client, or encrypting a file on the client. The operating system agent is one or more software modules that execute in the operating system of the client.

Abstract: A system is disclosed that enables multiple electronic devices to be tracked in the case of theft or loss without the need for monitoring or tracking the devices prior to the loss or theft. The system operates by sending bulk status information regarding the lost/stolen statuses of multiple devices to one of these devices. The receiving device then decodes the bulk status information to determine its own lost/stolen status. If the status reveals that the device is currently reported as lost or stolen, the device initiates an appropriate security action, such as the transmission of its location to a monitoring center.

Abstract: The availability of software assets on electronic devices, such as mobile devices of users, is restricted based on the time as determined by a managing server. An application that runs on the electronic devices communicates with the server to obtain information regarding which software assets are permitted to be accessed, and restricts user access accordingly. The server may use a clock, in combination with administrator-generated access restriction policies, to determine which software assets are to be made available on each electronic device at particular points in time.

Abstract: A data protection system selectively deletes data from an electronic device when the device is reported as lost or stolen, or when another data protection triggering event occurs. Different data files may, for example, be treated differently depending on when such files were created. For example, data files that were created while the computing device was known to be in the owner's possession may be deleted, while data files created after the electronic device left the owner's possession may be left intact (since they may have been created by an innocent user). Data files created between these two points in time may be quarantined so that they later be restored, if appropriate.

Abstract: A tamper resistant servicing Agent for providing various services (e.g., data delete, firewall protection, data encryption, location tracking, message notification, and updating software) comprises multiple functional modules, including a loader module (CLM) that loads and gains control during POST, independent of the OS, an Adaptive Installer Module (AIM), and a Communications Driver Agent (CDA). Once control is handed to the CLM, it loads the AIM, which in turn locates, validates, decompresses and adapts the CDA for the detected OS environment. The CDA exists in two forms, a mini CDA that determines whether a full or current CDA is located somewhere on the device, and if not, to load the full-function CDA from a network; and a full-function CDA that is responsible for all communications between the device and the monitoring server. The servicing functions can be controlled by a remote server.