Endpoint management is a key strategy by which organizations limit cybersecurity vulnerability. By installing endpoint management software on devices, an organization's IT/security team may have visibility and enforcement of various security policies; e.g., requiring full-disk encryption, not requiring dangerous applications, automatically updating the endpoint devices, etc. Unfortunately, endpoint management is only a solution for endpoints that an organization is aware of (e.g., the endpoint includes some type of endpoint management agent or software.
It may be in many cases possible for unmanaged endpoints to receive access to an organization's network resources including data or applications of the organization; in traditional endpoint management systems, it may be extremely difficult or impossible to determine which endpoints are managed and which are not during authentication because, in most cases, the status of the unmanaged endpoints cannot be determined until after authentication and the unmanaged device has engaged an organization's network and/or other computing resources. This uncertainty, in turn, reduces organizational security.
Thus, there is a need in the computer security field to create new and useful methods for endpoint management classification. This invention provides such new and useful methods.