Individuals and organizations frequently seek to exert control over who can access particular services under their control. For example, organizations may institute data-loss prevention policies to prevent corporate information from being shared without permission. As a specific example, certain users may be restricted from accessing certain files, or users may not be allowed to e-mail particular files under certain conditions. Furthermore, organizations may seek to prevent users with higher levels of access from accessing sensitive files when those files are at risk of being transmitted to unauthorized parties. As a specific example, an enterprise may not want a human resources employee in a perimeter conference room to access sensitive files, as that location presents a greater risk for the sensitive files being viewed by an unauthorized party.
Unfortunately, traditional methods for managing user access permissions generally rely on broad policies such as “this user is or is not allowed to access these files.” Such a lack of granularity may slow down internal communications. Furthermore, as illustrated in the human resources employee example, a user who does usually have authorized access to sensitive files may inadvertently allow an unauthorized party to view or otherwise access those files if the employee access them from an insecure location. The instant disclosure, therefore, identifies and addresses a need for improved systems and methods by which to automatically adjust user access permissions based on physical location.