Abstract: Restricted content of a data file is identified. The restricted content is removed from the data file, and a redacted version of the data file is generated. The restricted content is stored separate from the redacted version of the data file.

Abstract: Various systems facilitate encrypted file storage. A client device may generate an encrypted version of a file. The client device may obtain at least one reference to at least one storage location for the encrypted version of the file. The client device may cause the encrypted version of the file to be store at the at least one storage location using the at least one reference to the at least one storage location.

Abstract: On-demand activation of a security policy may be provided. Upon receiving a selection of a link, a profile identified by a security policy associated with the link may be activated and the link may be opened according to the security policy. In some embodiments, opening the link according to the security policy may comprise redirecting the opening of the link from a first application to a second application.

Abstract: Data access sharing may be provided. Requests may be received to display an data item associated with a list of data items. Upon determining whether a property of the data item is restricted by an access control policy, the property may be modified prior to rendering a display of the data item.

Abstract: Disclosed are various approaches for implementing an application authentication wrapper. An authentication request, such as a Kerberos request, is created for authenticating the computing device. The authentication request is encrypted to generate an encrypted authentication request. The encrypted authentication request is then forwarded to a reverse proxy server. An encrypted authentication response is received from the reverse proxy server. The encrypted authentication response, such as a Kerberos response, is then decrypted to generate a corresponding authentication response, which is then forwarded to the computing device that generated the authentication request.

Abstract: Disclosed are various approaches for implementing an application authentication wrapper. An authentication request, such as a Kerberos request, is created for authenticating the computing device. The authentication request is encrypted to generate an encrypted authentication request. The encrypted authentication request is then forwarded to a reverse proxy server. An encrypted authentication response is received from the reverse proxy server. The encrypted authentication response, such as a Kerberos response, is then decrypted to generate a corresponding authentication response, which is then forwarded to the computing device that generated the authentication request.

Abstract: Various systems facilitate encrypted file storage. A client device may generate an encrypted version of a file. The client device may obtain at least one reference to at least one storage location for the encrypted version of the file. The client device may cause the encrypted version of the file to be store at the at least one storage location using the at least one reference to the at least one storage location.

Abstract: Embodiments of the disclosure relate to proxying at least one email resource from at least one email service to at least one client device, determining whether the email resources are accessible to the client devices via at least one unauthorized application on the client devices, and modifying the email resources to be inaccessible via the unauthorized applications on the client devices in response to a determination that the email resources are accessible via the unauthorized applications on the client devices.

Abstract: A client device identifies an action being performed using a first application in the client device. The client device identifies that the first application is not authorized to be used to perform the action. In response, the client device identifies a second application that is authorized to perform the action. The client device also facilitates the second application being used to perform the action.

Abstract: Restricted content of a data file is identified. The restricted content is removed from the data file, and a redacted version of the data file is generated. The restricted content is stored separate from the redacted version of the data file.

Abstract: Various examples for remotely controlling access to email resources are provided. In one example, one or more computing devices can be configured to provide, through an access control service, at least one user interface that enables creation of resource rules configured for use by the access control service in enforcement of one or more client devices in association with email resources. In response to input received through the at least one user interface of the access control service, the one or more computing devices can generate a resource rule that directs a client application on a client device to open an attachment of one of the email resources in an authorized secure container application.

Abstract: In a networked environment, a client side application executed on a client device may transmit a request to an authorization service for access to a resource. The authorization service may authenticate the user of client device and/or the client device based on user credentials and/or a device identifier. In response to authenticating the user and/or the client device, the authorization service may send to the client side application a request for confirmation that the client device complies with a distribution rule associated with the resource, where the distribution rule requires a specific application or specific type of application to be installed, enabled and/or executing on the client device as a prerequisite to accessing the resource. If the client device complies with the distribution rule, the client side application accesses the resource. Accessing the resource may include receiving an authorization credential required for access to the resource.

Abstract: Sampling for content selection may be provided.

Abstract: Embodiments of the disclosure relate to proxying at least one email resource from at least one email service to at least one client device, determining whether the email resources are accessible to the client devices via at least one unauthorized application on the client devices, and modifying the email resources to be inaccessible via the unauthorized applications on the client devices in response to a determination that the email resources are accessible via the unauthorized applications on the client devices.

Abstract: Disclosed are various embodiments relating to managed clones of applications. In one embodiment, an application is received. If it is determined that the application should be managed, a managed clone of the application is generated. The managed clone of the application is configured for coexistence along with the application upon a client device under management. The managed clone of the application may then be deployed to the client device under management.

Abstract: On-demand activation of a security policy may be provided. Upon receiving a selection of a link, a profile identified by a security policy associated with the link may be activated and the link may be opened according to the security policy. In some embodiments, opening the link according to the security policy may comprise redirecting the opening of the link from a first application to a second application.

Abstract: Methods, systems, apparatuses, and/or computer-readable media for providing device management via application modification may be provided. In some embodiments, a request to perform an action may be received. Upon determining that the action is associated with a metered resource, a further determination may be made as to whether the request complies with at least one management policy. In response to determining that the request complies with the at least one management policy, the requested action may be authorized and/or caused to be performed.

Abstract: Restricted content of a data file is identified. The restricted content is removed from the data file, and a redacted version of the data file is generated. The restricted content is stored separate from the redacted version of the data file.

Abstract: Disclosed are various embodiments for controlling access to data on a network. Upon receiving a request comprising a device identifier and at least one user credential to access a remote resource, the request may be authenticated according to at least one compliance policy. If the request is authenticated, a resource credential associated with the remote resource may be provided.

Abstract: A method, system, apparatus, and computer program product are provided for facilitating individual-specific content management. For example, a method is provided that includes receiving information regarding at least one prerequisite condition relating to at least one individual, receiving information regarding the at least one individual, determining whether the at least one prerequisite condition is satisfied, and causing individual-specific content associated with the at least one individual to be transmitted. At least a portion of the individual-specific content comprises protected content configured to be unviewable and/or unmodifiable. The method further includes receiving at least one access credential and causing at least a portion of the protected content to be viewable and/or modifiable.