Policy-based secure containers for multiple enterprise applications

US12184704B2 · US · B2

Patent metadata
Publication number: US-12184704-B2
Application number: US-202318542406-A
Country: US
Kind code: B2
Filing date: Dec 15, 2023
Priority date: Dec 28, 2012
Publication date: Dec 31, 2024
Grant date: Dec 31, 2024

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.

Claims

Claim text as shown on this page (claims 1 to 15; claims 1, 7 and 13 are the independent claims).

The invention claimed is:

1. A compute device comprising: interface circuitry to communicate device attribute information about the compute device to an enterprise management server; machine-readable instructions; and at least one processor circuit to be programmed by the machine-readable instructions to: execute a first container in which a first enterprise application and a second enterprise application sharing a first data sensitivity level are to be executed, the first container to enforce a first policy provided by the enterprise management server, the first policy based on the device attribute information and the first data sensitivity level; and execute a second container in which a third enterprise application having a second data sensitivity level is to be executed, the second container to enforce a second policy based on the device attribute information and the second data sensitivity level.

2. The compute device of claim 1, wherein one or more of the at least one processor circuit is to: collect the device attribute information, the device attribute information including at least one of an identifier of the compute device, a device type of the compute device, an operating system of the compute device, a version of the operating system, a serial number of the compute device, whether the compute device is managed by a device management system, whether a user of the compute device has root access to the operating system, whether the compute device includes the one or more of the at least one processor circuit, a network transport available to the compute device, a location of the compute device, software installed on the compute device, or a version of the software; and provide the device attribute information to the interface circuitry.

3. The compute device of claim 1, wherein one or more of the at least one processor circuit is to permit the first enterprise application and the second enterprise application to communicate with one another within the first container.

4. The compute device of claim 1, wherein at least one of the first container or the second container are to prohibit the first enterprise application and the second enterprise application from communicating with the third enterprise application.

5. The compute device of claim 1, wherein one or more of the at least one processor circuit is to cause the interface circuitry to communicate at least two identifiers of the first enterprise application and the second enterprise application to the enterprise management server to facilitate determination of the first policy.

6. The compute device of claim 1, wherein the compute device has a trust level based on the device attribute information, the first policy is based on the trust level and the first data sensitivity level, and the first container provides a virtual execution environment.

7. A storage device or storage disk comprising instructions to cause at least one processor circuit of a compute device to: cause interface circuitry to communicate device attribute information about the compute device to an enterprise management server; operate a first virtual execution environment (VEE) in which a first enterprise application and a second enterprise application sharing a first data sensitivity level are to be executed, the first VEE to enforce a first policy provided by the enterprise management server, the first policy based on the device attribute information and the first data sensitivity level; and operate a second VEE in which a third enterprise application having a second data sensitivity level is to be executed, the second VEE to enforce a second policy based on the device attribute information and the second data sensitivity level.

8. The storage device or storage disk of claim 7, wherein the instructions cause one or more of the at least one processor circuit to: collect the device attribute information, the device attribute information including at least one of an identifier of the compute device, a device type of the compute device, an operating system installed on the compute device, a version of the operating system, a serial number of the compute device, whether the compute device is managed by a device management system, whether a user of the compute device has root access to the operating system, whether the compute device includes the one or more of the at least one processor circuit, a network transport available to the compute device, a location of the compute device, software installed on the compute device, or a version of the software; and provide the device attribute information to the interface circuitry.

9. The storage device or storage disk of claim 7, wherein the first VEE includes a container, and the instructions cause one or more of the at least one processor circuit to permit the first enterprise application and the second enterprise application to communicate with one another within the first VEE.

10. The storage device or storage disk of claim 7, wherein at least one of the first VEE or the second VEE are to prohibit the first enterprise application and the second enterprise application from communicating with the third enterprise application.

11. The storage device or storage disk of claim 7, wherein the instructions cause one or more of the at least one processor circuit to cause the interface circuitry to communicate at least two identifiers of the first enterprise application and the second enterprise application to the enterprise management server to facilitate determination of the first policy.

12. The storage device or storage disk of claim 7, wherein the compute device has a trust level based on the device attribute information, and the first policy is based on the trust level and the first data sensitivity level.

13. A method comprising: communicating device attribute information about a compute device to an enterprise management server; operating, by executing an instruction with at least one processor circuit of the compute device, a first container in which a first enterprise application and a second enterprise application sharing a first data sensitivity level are to be executed, the first container to enforce a first policy provided by the enterprise management server, the first policy based on the device attribute information and the first data sensitivity level; and operating, by executing an instruction with one or more of the at least one processor circuit, a second container in which a third enterprise application having a second data sensitivity level is to be executed, the second container to enforce a second policy based on the device attribute information and the second data sensitivity level.

14. The method of claim 13, further including collecting the device attribute information, the device attribute information including at least one of an identifier of the compute device, a device type of the compute device, an operating system installed on the compute device, a version of the operating system, a serial number of the compute device, whether the compute device is managed by a device management system, whether a user of the compute device has root access to the operating system, whether the compute device includes the one or more of the at least one processor circuit, a network transport available to the compute device, a location of the compute device, software installed on the compute device, or a version of the software.

15. The method of claim 13, further including permitting the first enterprise application and the second enterprise application to communicate with one another within the first container.
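The abstract and claims 1 to 4 describe an exchange (device attributes plus an app request go to the policy server; a policy derived from device trust level and data sensitivity level comes back; the client keeps one container per policy and isolates containers from each other) without saying what the trust tiers, sensitivity levels or policy contents are. The following is an added example, not Intel's code and not taken from the patent: a toy model of both sides of that exchange. The trust levels, sensitivity labels, the attribute-to-trust rules, the app catalogue and the policy fields are all assumptions made for illustration.

```python
# Added example (not Intel's code): toy model of the policy server and the
# client-side container manager from the abstract and claims 1-4. Trust tiers,
# sensitivity labels, attribute rules and policy fields are assumptions.
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, Optional, Set


class Trust(IntEnum):          # assumed device trust levels
    LOW = 0
    MEDIUM = 1
    HIGH = 2


class Sensitivity(IntEnum):    # assumed data sensitivity levels
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2


@dataclass(frozen=True)        # frozen -> hashable, so a policy can key a container
class Policy:
    sensitivity: Sensitivity
    trust: Trust
    allow_clipboard: bool
    encrypt_storage: bool


# ---- enterprise policy server side -------------------------------------
def device_trust_level(attrs: dict) -> Trust:
    """Map device attributes (the kinds listed in claim 2) to a trust level.
    The rules are assumptions: root access or an unmanaged device caps trust
    at LOW regardless of anything else the device reports."""
    if attrs.get("user_has_root") or not attrs.get("managed"):
        return Trust.LOW
    if attrs.get("os_version_supported") and attrs.get("network_transport") == "vpn":
        return Trust.HIGH
    return Trust.MEDIUM


# assumed application catalogue: enterprise app id -> data sensitivity level
APP_SENSITIVITY = {
    "mail": Sensitivity.CONFIDENTIAL,
    "calendar": Sensitivity.CONFIDENTIAL,
    "wiki": Sensitivity.INTERNAL,
}


def build_policy(trust: Trust, sensitivity: Sensitivity) -> Optional[Policy]:
    """Policy from (trust level, sensitivity level). Returns None when the
    device is not trusted enough for the data: a refusal, not a weaker policy."""
    if sensitivity == Sensitivity.CONFIDENTIAL and trust < Trust.MEDIUM:
        return None
    return Policy(sensitivity=sensitivity, trust=trust,
                  allow_clipboard=sensitivity < Sensitivity.CONFIDENTIAL,
                  encrypt_storage=sensitivity >= Sensitivity.INTERNAL)


def policy_server_request(attrs: dict, app_id: str) -> Optional[Policy]:
    """Server side of the exchange: device attributes + app request -> policy."""
    return build_policy(device_trust_level(attrs), APP_SENSITIVITY[app_id])


# ---- client side --------------------------------------------------------
class ContainerManager:
    """Keeps one secure container per policy received from the server."""

    def __init__(self) -> None:
        self.containers: Dict[Policy, Set[str]] = {}

    def add_app(self, attrs: dict, app_id: str) -> Policy:
        policy = policy_server_request(attrs, app_id)
        if policy is None:
            raise PermissionError(f"{app_id}: device trust too low for its data")
        # "references or creates a secure container for the security policy":
        # two apps with the same sensitivity on the same device receive the
        # same policy and therefore share a container (claim 1).
        self.containers.setdefault(policy, set()).add(app_id)
        return policy

    def container_of(self, app_id: str) -> Optional[Policy]:
        for policy, apps in self.containers.items():
            if app_id in apps:
                return policy
        return None

    def may_communicate(self, a: str, b: str) -> bool:
        """Claims 3 and 4: apps may talk inside a container, never across."""
        pa, pb = self.container_of(a), self.container_of(b)
        return pa is not None and pa == pb


if __name__ == "__main__":
    # constructed attribute report for a managed, non-rooted device on VPN
    attrs = {"managed": True, "user_has_root": False,
             "os_version_supported": True, "network_transport": "vpn"}
    cm = ContainerManager()
    for app in ("mail", "calendar", "wiki"):
        cm.add_app(attrs, app)
    print(len(cm.containers), "containers;",
          "mail<->calendar:", cm.may_communicate("mail", "calendar"),
          "mail<->wiki:", cm.may_communicate("mail", "wiki"))
```

Two points a practitioner would check before building on this pattern. First, the refusal path matters: when the device is too weakly trusted for an app's data, the server returns no policy at all rather than a looser one, so the app never lands in a container. Second, the trust level rests entirely on attributes the device reports about itself (managed, rooted, OS version); a compromised device can lie about every one of them, so a real deployment needs the attribute report bound to something the device cannot forge, such as a hardware-backed attestation, which the claims above do not address.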

Assignees

Intel Corp

Inventors

Not shown on this page.

Classifications

  • H04L63/205 (primary): involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24) · CPC title

  • (code not shown on this page): for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • (code not shown on this page): Multiple levels of security · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12184704B2 cover?
Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attr…
Who is the assignee on this patent?
Intel Corp
What technology area does this patent fall under?
Primary CPC classification H04L63/205. Mapped technology areas include Electricity.
When was this patent published?
Publication date: Dec 31, 2024 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).