Data protection within an unsecured storage environment
First Claim
1. A system for securing data within an unsecured environment, the system comprising:
- a storage management system implemented in computer hardware, the storage management system separate from a primary storage environment, the storage management system configured to;
receive data to be backed up from the primary storage environment, the data comprising a plurality of files, the primary storage environment comprising an at least partially unsecured storage environment, wherein at least some data stored in the at least partially unsecured storage environment is stored in an unencrypted form or in a storage location with shared access;
perform a natural language processing process on the plurality of files to determine content of files within the plurality of files;
access a security policy for the primary storage environment;
tag the files within the plurality of files based at least in part on the content of the files and the security policy;
select a file from the plurality files based at least in part on the tags of the files;
index a location of the file at the primary storage environment, thereby enabling a secured version of the file to replace the file at the location of the file at the primary storage environment; and
secure the file at the primary storage environment by at least modifying a storage location or storage format of the file.
2 Assignments
0 Petitions
Accused Products
Abstract
A backup or storage management system is provided that can secure data within a primary storage environment that stores data in an unsecured format. The storage management system can automatically analyze data received for backup from the primary storage environment and determine whether the data includes information that has been identified as sensitive and/or information that is determined within a threshold degree of probability to be sensitive. The storage management system can then modify the storage of the data that includes sensitive information at the primary storage environment, thereby enabling the data to be secured within the unsecured, or partially secured, primary storage environment. Advantageously, in certain embodiments, by securing data with sensitive information within an unsecured storage environment, embodiments disclosed herein can reduce the occurrences of a data breach or data leak.
484 Citations
18 Claims
-
1. A system for securing data within an unsecured environment, the system comprising:
a storage management system implemented in computer hardware, the storage management system separate from a primary storage environment, the storage management system configured to; receive data to be backed up from the primary storage environment, the data comprising a plurality of files, the primary storage environment comprising an at least partially unsecured storage environment, wherein at least some data stored in the at least partially unsecured storage environment is stored in an unencrypted form or in a storage location with shared access; perform a natural language processing process on the plurality of files to determine content of files within the plurality of files; access a security policy for the primary storage environment; tag the files within the plurality of files based at least in part on the content of the files and the security policy; select a file from the plurality files based at least in part on the tags of the files; index a location of the file at the primary storage environment, thereby enabling a secured version of the file to replace the file at the location of the file at the primary storage environment; and secure the file at the primary storage environment by at least modifying a storage location or storage format of the file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
10. A computer-implemented method of securing data within an unsecured environment, the computer-implemented method comprising:
as implemented by a storage management system implemented in computer hardware and configured with specific computer-executable instructions, receiving data to be backed up from a primary storage environment, the data comprising a plurality of files, the primary storage environment comprising an at least partially unsecured storage environment, wherein at least some data stored in the at least partially unsecured storage environment is stored in an unencrypted form or in a storage location with shared access; performing a natural language processing process on the plurality of files to determine content of files within the plurality of files; accessing a security policy for the primary storage environment; tagging the files within the plurality of files based at least in part on the content of the files and the security policy; selecting a file from the plurality files based at least in part on the tags of the files; indexing a location of the file at the primary storage environment, thereby enabling a secured version of the file to replace the file at the location of the file at the primary storage environment; and securing the file at the primary storage environment by at least modifying a storage location or storage format of the file. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
Specification