Systems and methods for aggregating information-asset classifications
First Claim
1. A computer-implemented method for aggregating information-asset classifications, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- identifying a file system folder that includes a plurality of files;
identifying a classification for each of two or more of the files within the file system folder;
deriving, based at least in part on the classifications of the two or more of the files, an aggregate classification for the file system folder that contains the plurality of files;
assigning the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder;
enforcing, by a system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder, and in accordance with a security policy, course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access.
7 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for aggregating information-asset classifications may include (1) identifying a data collection that includes two or more information assets, (2) identifying a classification for each of the information assets, (3) deriving, based at least in part on the classifications of the information assets, an aggregate classification for the data collection, and (4) associating the aggregate classification with the data collection to enable a data management system to enforce a data management policy based on the aggregate classification. Various other methods, systems, and computer-readable media are also disclosed.
28 Citations
20 Claims
-
1. A computer-implemented method for aggregating information-asset classifications, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
identifying a file system folder that includes a plurality of files; identifying a classification for each of two or more of the files within the file system folder; deriving, based at least in part on the classifications of the two or more of the files, an aggregate classification for the file system folder that contains the plurality of files; assigning the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder; enforcing, by a system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder, and in accordance with a security policy, course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system for aggregating information-asset classifications and endpoint security, the system comprising:
-
an identification module, stored in memory, that identifies a file system folder that includes a plurality of files; a classification module, stored in memory, that identifies a classification for each of two or more of the files within the file system folder; an aggregation module, stored in memory, that derives, based at least in part on the classifications of the two or more of the files, an aggregate classification for the file system folder that contains the plurality of files; an association module, stored in memory, that assigns the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder; a policy module, stored in memory, that enforces, as part of the system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder and in accordance with a security policy, course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access; at least one physical processor configured to execute the identification module, the classification module, the aggregation module, the association module, and the policy module. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
identify a file system folder that includes a plurality of files; identify a classification for each of two or more of the files within the file system folder; derive, based at least in part on the classifications of the two or more of the files an aggregate classification for the file system folder that contains the plurality of files; assign the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder; enforce, by a system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder, and in accordance with a security policy, a course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access.
-
Specification