Methods and systems for conditionally granting access to services based on the security state of the device requesting access

We claim: 1 . A method comprising: receiving, by a software component executing on a server, a request from a mobile communications device for access to a provider of a service having a plurality of service levels, each service level allowing a different level of access to the service; determining, by the software component, a current security state of the mobile communications device by: processing event security data, generated by the mobile security device regarding security events on the mobile communications device, to determine severity levels for the security events, and using the determined severity levels to assess the current security state of the mobile communications device; comparing, by the software component, the current security state of the mobile communications device to a policy associated with the provider, wherein for each service level the policy specifies a minimum security state of a device required for the device to be granted access to the service level; determining, by the software component from the comparison, that the current security state meets or exceeds the minimum security state for a subset of the plurality of service levels; and permitting, by the software component, the mobile communications device to access the subset of the plurality of service levels based on the determination that the current security state meets or exceeds the minimum security state required for each service level in the subset. 2 . The method of claim 1 , wherein the determining, by the software component, a current security state of the mobile communications device further includes: accessing a database containing security data received from the mobile communications device; comparing the event security data generated by the mobile security device to security data from the mobile communications device stored in the database; and using the determined severity levels and the comparison of the event security data to the security data stored in the database to assess the current security state of the mobile communications device. 3 . The method of claim 1 , wherein the software component is a security component of the provider and is tasked with receiving access requests intended for the provider. 4 . The method of claim 1 , wherein the event security data generated by the mobile communications device is generated by at least one application executing on the mobile communications device. 5 . The method of claim 1 further comprising: receiving, by the software component from the mobile communications device, the event security data generated by the mobile communications device; and causing, by the software component, the received event security data to be stored in a database accessible to the software component. 6 . The method of claim 1 further comprising: receiving, by the software component from the mobile communications device, the event security data generated by the mobile communications device; accessing a database containing security data received from the mobile communications device; comparing the event security data generated by the mobile security device to security data from the mobile communications device stored in the database; and when the comparison of the event security data to the security data stored in the database indicates a stored security state of the mobile communications device is outdated, updating the stored security state of the mobile communications device. 7 . The method of claim 1 , wherein the plurality of service levels includes at least one of: a first level providing the ability to access, edit, send, and upload data files; a second level providing the ability to view data files, but not edit, send, or upload files; a third level providing the ability to view only portions of certain data files, but not edit, send, or upload files; a fourth level providing the ability to check an account balance, view previous financial transactions, and transfer funds; a fifth level providing the ability to check an account balance and view previous financial transactions, but not transfer funds; a sixth level providing the ability to check an account balance, but not view previous financial transactions or transfer funds; a seventh level providing the ability to access all activities of the service; or an eighth level providing the ability to access a subset of all activities of the service. 8 . The method of claim 1 , wherein using the determined severity levels to assess the current security state of the mobile communications device includes: using the determined severity levels and one or both of: security state information for the mobile communications device stored on the mobile communications device, or security state information for the mobile communications device stored on the server, to assess the current security state of the mobile communications device. 9 . The method of claim 1 , wherein the policy is based on a risk response implemented by an enterprise that is not the provider. 10 . A non-transitory, computer-readable storage medium having stored thereon a plurality of instructions, which, when executed by a processor of a server, cause the server to: receive a request from a mobile communications device for access to a provider of a service having a plurality of service levels, each service level allowing a different level of access to the service; determine a current security state of the mobile communications device by: processing event security data, generated by the mobile security device regarding security events on the mobile communications device, to determine severity levels for the security events, and using the determined severity levels to assess the current security state of the mobile communications device; compare the current security state of the mobile communications device to a policy associated with the provider, wherein for each service level the policy specifies a minimum security state of a device required for the device to be granted access to the service level; determine from the comparison that the current security state meets or exceeds the minimum security state for a subset of the plurality of service levels; and permitting the mobile communications device to access the subset of the plurality of service levels based on the determination that the current security state meets or exceeds the minimum security state required for each service level in the subset. 11 . The computer-readable storage medium of claim 10 , wherein the instructions causing the server to determine a current security state of the mobile communications device further include instructions to: access a database containing security data received from the mobile communications device; compare the event security data generated by the mobile security device to security data from the mobile communications device stored in the database; and use the determined severity levels and the comparison of the event security data to the security data stored in the database to assess the current security state of the mobile communications device. 12 . The computer-readable storage medium of claim 10 , wherein the event security data generated by the mobile communications device is generated by at least one application executing on the mobile communications device. 13 . The computer-readable storage medium of claim 10 further including instructions causing the server to: receive, from the mobile communications device, the event security data generated by the mobile communications device; and cause the received event security data to be stored in a dat