Method and apparatus for maintaining high data integrity and for providing a secure audit for fraud prevention and detection

US 10,127,562 B2
Filed: 07/29/2014
Issued: 11/13/2018
Est. Priority Date: 11/20/2009
Status: Active Grant

First Claim

Patent Images

1. An apparatus for maintaining high data integrity and for providing a secure audit for fraud prevention and detection, comprising:

a client server comprising a memory storing instructions which are executed by a server processor to perform the steps of;

copying digital data that is stored on at least one client production server;

storing said digital data on a data storage and in an encrypted format comprising an encryption key that is held by any of a client and a client backup/restore service provider;

archiving discrete versions of computer folders by making multiple, sequential copies of said digital data on a predetermined time interval schedule that comprises any of a set, dynamic, and randomly variable interval;

a forensics analysis system comprising a memory storing instructions which are executed by a forensics analysis processor to perform the steps of;

identifying a need to determine if fraud has occurred;

creating a virtual client historical environment;

comparing, in the virtual historical environment, putatively identical computer data of said archived discrete versions of computer folders stored on said data storage at different points in time and, based on said comparing, discovering missing documents that had been deleted or documents with modification dates that have changed when there would otherwise have been no need to change them, wherein said putatively identical data comprises a plurality of said discrete archival versions of said computer folders, each version containing documents as they existed at the point in time at which they were archived, said comparing comprising any of;

comparing contents of said computer folders from different points in time, comparing the number of documents in said computer folders, comparing a last data and time of modification, and comparing the contents of a document in any of said computer folders at different points in time;

based upon said comparing, identifying any of;

missing documents or documents with modification dates that have changed when there would otherwise have been no need to change them, thereby discovering fraud or searching for evidence after a fraud is suspected; and

based on said identifying missing documents or documents that have changed, restoring from said data storage data that has been saved on at least one point in time on said at least one client production server and that has been changed or deleted on said at least one client production server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Any of various comparisons of computer folders from different points in time is performed. Such comparisons provide the ability to discover missing documents or documents with modification dates that have changed when there would otherwise have been no need to change them and thus allows discovery of missing documents to discover fraud or to search for evidence after a fraud is suspected. In another embodiment, deltas in accounting system vendor invoice accounts are compared at different points in time, potentially exposing the practice of moving fraudulent vendor transactions into a large group of legitimate transactions for a legitimate vendor. Per period transaction totals for specific periods for legitimate vendors are compared over historical time for suspicious activity. A comparison of reports from the two different periods, using exact data and software from those separate periods (instead of reporting from “current” data), may raise a red flag otherwise missed.

55 Citations

View as Search Results

4 Claims

1. An apparatus for maintaining high data integrity and for providing a secure audit for fraud prevention and detection, comprising:
- a client server comprising a memory storing instructions which are executed by a server processor to perform the steps of;
  
  copying digital data that is stored on at least one client production server;
  
  storing said digital data on a data storage and in an encrypted format comprising an encryption key that is held by any of a client and a client backup/restore service provider;
  
  archiving discrete versions of computer folders by making multiple, sequential copies of said digital data on a predetermined time interval schedule that comprises any of a set, dynamic, and randomly variable interval;
  
  a forensics analysis system comprising a memory storing instructions which are executed by a forensics analysis processor to perform the steps of;
  
  identifying a need to determine if fraud has occurred;
  
  creating a virtual client historical environment;
  
  comparing, in the virtual historical environment, putatively identical computer data of said archived discrete versions of computer folders stored on said data storage at different points in time and, based on said comparing, discovering missing documents that had been deleted or documents with modification dates that have changed when there would otherwise have been no need to change them, wherein said putatively identical data comprises a plurality of said discrete archival versions of said computer folders, each version containing documents as they existed at the point in time at which they were archived, said comparing comprising any of;
  
  comparing contents of said computer folders from different points in time, comparing the number of documents in said computer folders, comparing a last data and time of modification, and comparing the contents of a document in any of said computer folders at different points in time;
  
  based upon said comparing, identifying any of;
  
  missing documents or documents with modification dates that have changed when there would otherwise have been no need to change them, thereby discovering fraud or searching for evidence after a fraud is suspected; and
  
  based on said identifying missing documents or documents that have changed, restoring from said data storage data that has been saved on at least one point in time on said at least one client production server and that has been changed or deleted on said at least one client production server.

2. An apparatus for maintaining high data integrity and for providing a secure audit for fraud prevention and detection, comprising:
- a client server comprising a memory storing instructions which are executed by a server processor to perform the steps of;
  
  copying digital data that is stored on at least one client production server;
  
  storing said digital data on a data storage and in an encrypted format comprising an encryption key that is held by any of a client and a client backup/restore service provider;
  
  archiving discrete versions of said digital data by making multiple, sequential copies of said digital data on a predetermined time interval schedule that comprises any of a set, dynamic, and randomly variable interval;
  
  a forensics analysis system comprising a memory storing instructions which are executed by a forensics analysis processor to perform the steps of;
  
  identifying a need to determine if fraud has occurred;
  
  creating a virtual client historical environment;
  
  comparing, in the virtual historical environment, putatively identical computer data of said archived discrete versions of digital data stored on said data storage at different points in time and, based on said comparing, discovering missing digital data or digital data that have changed when there would otherwise have been no need to change them, wherein said putatively identical data comprises a plurality of said discrete archival versions of said digital data, each version containing said digital data as they existed at the point in time at which they were archived, said comparing comprising any of;
  
  comparing contents of said digital data from different points in time and comparing a last data and time of modification;
  
  based upon said comparing, identifying any of;
  
  missing digital data and digital data that have changed when there would otherwise have been no need to change them, thereby discovering fraud or searching for evidence after a fraud is suspected; and
  
  based on said identifying missing digital data or digital data that have changed, restoring from said data storage data that has been saved on at least one point in time on said at least one client production server and that has been changed or deleted on said at least one client production server.

3. A method for maintaining high data integrity and for providing a secure audit for fraud prevention and detection, comprising the steps of:
- providing a client server comprising a server processor executing instructions to perform the steps of;
  
  copying digital data that is stored on at least one client production server;
  
  storing said digital data on a data storage and in an encrypted format comprising an encryption key that is held by any of a client and a client backup/restore service provider;
  
  archiving discrete versions of computer folders by making multiple, sequential copies of said digital data on a predetermined time interval schedule that comprises any of a set, dynamic, and randomly variable interval;
  
  a forensics analysis system comprising a forensics analysis processor executing instructions to perform the steps of;
  
  identifying a need to determine if fraud has occurred;
  
  creating a virtual client historical environment;
  
  comparing, in the virtual historical environment, putatively identical computer data of said archived discrete versions of computer folders stored on said data storage at different points in time and, based on said comparing, discovering missing documents or documents with modification dates that have changed when there would otherwise have been no need to change them, wherein said putatively identical data comprises a plurality of said discrete archival versions of said computer folders, each version containing documents as they existed at the point in time at which they were archived, said comparing comprising any of;
  
  comparing contents of said computer folders from different points in time, comparing the number of documents in said computer folders, comparing a last data and time of modification, and comparing the contents of a document in any of said computer folders at different points in time;
  
  based upon said comparing, identifying any of;
  
  missing documents or documents with modification dates that have changed when there would otherwise have been no need to change them, thereby discovering fraud or searching for evidence after a fraud is suspected; and
  
  based on said identifying missing documents or documents that have changed, restoring from said data storage data that has been saved on at least one point in time on said at least one client production server and that has been changed or deleted on said at least one client production server.

4. A method for maintaining high data integrity and for providing a secure audit for fraud prevention and detection, comprising the steps of:
- providing a client server comprising a server processor executing instructions to perform the steps of;
  
  copying digital data that is stored on at least one client production server;
  
  storing said digital data on a data storage and in an encrypted format comprising an encryption key that is held by any of a client and a client backup/restore service provider;
  
  archiving discrete versions of said digital data by making multiple, sequential copies of said digital data on a predetermined time interval schedule that comprises any of a set, dynamic, and randomly variable interval;
  
  a forensics analysis system comprising a forensics analysis processor executing instructions to perform the steps of;
  
  identifying a need to determine if fraud has occurred;
  
  creating a virtual client historical environment;
  
  comparing, in the virtual historical environment, putatively identical computer data of said archived discrete versions of digital data stored on said data storage at different points in time and, based on said comparing, discovering missing digital data or digital data that have changed when there would otherwise have been no need to change them, wherein said putatively identical data comprises a plurality of said discrete archival versions of said digital data, each version containing said digital data as they existed at the point in time at which they were archived, said comparing comprising any of;
  
  comparing contents of said digital data from different points in time and comparing a last data and time of modification;
  
  based upon said comparing, identifying any of;
  
  missing digital data and digital data that have changed when there would otherwise have been no need to change them, thereby discovering fraud or searching for evidence after a fraud is suspected; and
  
  based on said identifying missing digital data or digital data that have changed, restoring from said data storage data that has been saved on at least one point in time on said at least one client production server and that has been changed or deleted on said at least one client production server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nbrella, Inc.
Original Assignee
Nbrella, Inc.
Inventors
Price, Michael, DeGraffenreid, Scott, Dito, Joseph, Price, Taylor
Primary Examiner(s)
Cribbs, Malcolm

Application Number

US14/446,045
Publication Number

US 20140337241A1
Time in Patent Office

1,568 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/57   Certifying or maintaining t...

G06F 21/64   Protecting data integrity, ...

G06Q 10/10   Office automation; Time man...

G06Q 30/0185   Product, service or busines...

G06Q 40/12   Accounting

Method and apparatus for maintaining high data integrity and for providing a secure audit for fraud prevention and detection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

4 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for maintaining high data integrity and for providing a secure audit for fraud prevention and detection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

4 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links