Privacy protection during insider threat monitoring
First Claim
1. A computer-implementable method for performing a privacy operation, comprising:
- monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device;
determining whether the user/device interactions include sensitive personal information;
obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information;
presenting the sensitive personal information as a sensitive personal information indication, the sensitive personal information indication indicating the user/device interactions include sensitive personal information;
offering the user an opportunity to enroll user sensitive personal information in a privacy protection system;
enrolling the user sensitive personal information in the privacy protection system, the enrolling preventing display of sensitive personal information to a security administrator via a company security system, the company security system comprising an insider threat monitoring system; and
,presenting a sensitive personal information indication via the company security system, the sensitive personal information indication informing the security administrator that sensitive personal information was entered by the user.
8 Assignments
0 Petitions
Accused Products
Abstract
A method, system and computer-usable medium are disclosed for performing a privacy operation, comprising: monitoring user behavior via a data stream collector, the data stream collector capturing data streams resulting from user/device interactions between a user and a corresponding endpoint device; determining whether the data streams resulting from user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing unauthorized viewing of the sensitive personal information; and, presenting the sensitive personal information as a sensitive personal information token indicating the data streams include sensitive personal information.
67 Citations
17 Claims
-
1. A computer-implementable method for performing a privacy operation, comprising:
-
monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; presenting the sensitive personal information as a sensitive personal information indication, the sensitive personal information indication indicating the user/device interactions include sensitive personal information; offering the user an opportunity to enroll user sensitive personal information in a privacy protection system; enrolling the user sensitive personal information in the privacy protection system, the enrolling preventing display of sensitive personal information to a security administrator via a company security system, the company security system comprising an insider threat monitoring system; and
,presenting a sensitive personal information indication via the company security system, the sensitive personal information indication informing the security administrator that sensitive personal information was entered by the user. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system comprising:
-
a processor; a data bus coupled to the processor; and a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for; monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; presenting the sensitive personal information as a sensitive personal information indication, the sensitive personal information indication indicating the user/device interactions include sensitive personal information; offering the user an opportunity to enroll user sensitive personal information in a privacy protection system; enrolling the user sensitive personal information in the privacy protection system, the enrolling preventing display of sensitive personal information to a security administrator via a company security system, the company security system comprising an insider threat monitoring system; and
,presenting a sensitive personal information indication via the company security system, the sensitive personal information indication informing the security administrator that sensitive personal information was entered by the user. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for:
-
monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device; determining whether the data streams resulting from user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; presenting the sensitive personal information as a sensitive personal information indication, the sensitive personal information indication indicating the user/device interactions include sensitive personal information; offering the user an opportunity to enroll user sensitive personal information in a privacy protection system; enrolling the user sensitive personal information in the privacy protection system, the enrolling preventing display of sensitive personal information to a security administrator via a company security system, the company security system comprising an insider threat monitoring system; and
,presenting a sensitive personal information indication via the company security system, the sensitive personal information indication informing the security administrator that sensitive personal information was entered by the user. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
Specification