Privacy and security are a priority for consumers and companies that use devices that contain personal or highly confidential information and data. In order to secure these devices, companies often use a server-based management service to configure devices with a set of policies, settings, resources, and applications to ensure devices are secured, including the information and data on the device.
In today's world, however, devices are no longer used for a single purpose. For example, a laptop may be used for both personal and work, the same phone can be used by a cashier for check-out and inventory uses in the backroom, a tablet may be mounted in a store to show promotional advertisement but also enable a store employees to check inventory or a store manager to check employee shift schedules, and so forth.
Conventional solutions to manage these devices involve manual user interaction to change the set of policies, settings, resources, and applications. However, this approach does not take into account the dynamic nature of devices that move around through a variety of environments as described above. Other conventional techniques involve use of a server-based service with environmental context and rely on the server-based management service to make changes to the configuration. While this may support provide dynamic changes to the set of policies, settings, resources, and applications, it relies on a network connection that may not be accessible in some situations, especially by mobile devices. Further, transmission of certain contextual signals to a server-based management service may not be allowed due to privacy concerns.