Intelligence and analysis driven security and compliance recommendations

US 10,579,821 B2
Filed: 03/17/2017
Issued: 03/03/2020
Est. Priority Date: 12/30/2016
Status: Active Grant

First Claim

Patent Images

1. A method to provide intelligence and analysis driven security and compliance suggestions for hosted services, the method comprising:

analyzing a tenant'"'"'s service environment to determine a need for a policy or a configuration change, wherein analyzing the tenant'"'"'s service environment comprises analyzing data, metadata, and activities associated with the tenant and one or more users;

determining, with a computing device, a suggested policy or configuration based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant;

presenting the suggested policy or configuration along with the analysis results and a prompt to confirm implementation of the suggested policy or configuration; and

upon receiving a confirmation of the implementation of the suggested policy or configuration, presenting an option to modify settings of the suggested policy or configuration.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Hosted services provided by service provider tenants to their users are an increasingly common software usage model. The usage of such services and handling of data may be subject to regulatory, legal, and industry-based rules, where different rules may be applicable depending on the particular service, handled data, and organization type, for example. Embodiments are directed to providing intelligence and analysis driven security and compliance suggestions for hosted services to reduce the burden on tenant administrators to determine and implement applicable policies and rules. Claims are directed to determination of a suggestion based on an analysis of a tenant'"'"'s service environment, presentation of the suggestion along with analysis results and a prompt to confirm implementation of the suggestion, and upon receiving confirmation, presentation of an option to customize the suggestion by modifying settings suggested based on analysis results. The suggestion may be a policy, organization, policy customization, or organization customization.

Citations

18 Claims

1. A method to provide intelligence and analysis driven security and compliance suggestions for hosted services, the method comprising:
- analyzing a tenant'"'"'s service environment to determine a need for a policy or a configuration change, wherein analyzing the tenant'"'"'s service environment comprises analyzing data, metadata, and activities associated with the tenant and one or more users;
  
  determining, with a computing device, a suggested policy or configuration based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant;
  
  presenting the suggested policy or configuration along with the analysis results and a prompt to confirm implementation of the suggested policy or configuration; and
  
  upon receiving a confirmation of the implementation of the suggested policy or configuration, presenting an option to modify settings of the suggested policy or configuration.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - automatically implementing the suggested policy or configuration.
  - 3. The method of claim 1, wherein analyzing a tenant'"'"'s service environment to determine a need for a policy comprises:
    - retrieving a currently implemented policy or configuration; and
      
      determining whether the currently implemented policy or configuration includes protection for available data types.
  - 4. The method of claim 3, further comprising:
    - in response to a determination that the currently implemented policy or configuration provides protection for the available data types, providing a confirmation.
  - 5. The method of claim 3, further comprising:
    - in response to a determination that the currently implemented policy or configuration does not protect the available data types;
      
      detecting a particular type of data from the available data types within the tenant'"'"'s service environment;
      
      determining whether the particular type of data detected is protected by the currently implemented policy or configuration; and
      
      in response to a determination that the particular type of data detected is not protected by the currently implemented policy or configuration, reactively suggesting a policy, a configuration, a policy customization, or a configuration customization to protect the particular type of data.
  - 6. The method of claim 5, further comprising:
    - in response to detecting no particular types of data from the available data types within the tenant'"'"'s service environment or that the type of data detected is protected by the currently implemented policy or configuration, proactively suggesting a policy or a configuration to protect a type of data that could be potentially stored in the tenant'"'"'s service environment and is not protected by the currently implemented policy or configuration based on the analysis.
  - 7. The method of claim 1, wherein determining the suggested policy or configuration based on analysis results further comprises:
    - detecting a pattern based on the analysis of the tenant'"'"'s service environment;
      
      deriving an insight for an applicable policy or configuration based on the pattern; and
      
      generating the suggested policy or configuration based on the derived insight.
  - 8. The method of claim 1, further comprising:
    - presenting the suggested policy or configuration and the option to modify the suggested policy or configuration through a dashboard.
  - 9. The method of claim 1, further comprising:
    - monitoring the suggested policy or configuration once implemented;
      
      creating a performance report based on the monitoring; and
      
      analyzing and determining suggested policy or configuration updates based on the performance report.

10. A server configured to provide intelligence and analysis driven security and compliance suggestions for hosted services, the server comprising:
- a communication interface configured to facilitate communication between another server hosting a service, one or more client devices, and the server;
  
  a memory configured to store instructions; and
  
  one or more processors coupled to the communication interface and the memory and configured to execute a security and compliance module, wherein the security and compliance module is configured to;
  
  analyze a tenant'"'"'s service environment to determine a need for a policy or configuration by analyzing data, metadata, and activities associated with the tenant and one or more users;
  
  determine a suggested policy or configuration based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant;
  
  present the suggested policy or configuration along with the analysis results and a prompt to confirm implementation of the suggested policy or configuration; and
  
  upon receipt of a confirmation of the implementation of the suggested policy or configuration, present an option to modify settings of the suggested policy or configuration.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The server of claim 10, wherein the analysis of the tenant'"'"'s service environment to determine a need for a policy or configuration is based on one or more of whether a currently implemented policy or configuration protects available data types, whether a particular type of data from the available data types is detected within the tenant'"'"'s service environment, and whether the particular type of data detected is protected by the currently implemented policy or configuration.
  - 12. The server of claim 11, wherein the available data types include financial, tax, health or medical, personal, or business.
  - 13. The server of claim 10, wherein the security and compliance module is an integral module of the hosted service.
  - 14. The server of claim 10, wherein the security and compliance module is an integral module of a client application locally installed on the one or more client devices.
  - 15. The server of claim 10, wherein the security and compliance module is a separate module associated with a protection service.

16. A system configured to provide intelligence and analysis driven security and compliance suggestions for hosted services, the system comprising:
- a first server configured to host a service for a tenant and one or more users; and
  
  a second server, comprising;
  
  a communication interface configured to facilitate communication between the first server and the second server;
  
  a memory configured to store instructions; and
  
  one or more processors coupled to the communication interface and the memory and configured to execute a security and compliance module, wherein the security and compliance module is configured to;
  
  receive data, metadata, and activities associated with the tenant and the one or more users from the first server;
  
  analyze the data, metadata, and activities associated with the tenant and the one or more users to determine a need for a policy, a configuration, a policy customization, or a configuration customization;
  
  determine a suggestion based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant and the suggestion includes a suggested policy, organization, policy customization, or organization customization;
  
  present the suggestion along with the analysis results and a prompt to confirm implementation of the suggestion;
  
  upon receipt of a confirmation of the implementation of the suggestion, present an option to modify settings of the suggested policy or configuration; and
  
  monitor the implemented suggestion.
- View Dependent Claims (17, 18)
- - 17. The system of claim 16, wherein the security and compliance module is further configured to determine and present another suggestion to modify or update the implemented suggestion based on monitoring results.
  - 18. The system of claim 17, wherein the another suggestion includes one or more alert generation and management, tenant configuration changes, profile generation, and user interface customization.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Larson, Karissa C., Su, Churli, Liang, Wenjie, Chen, Binyan, Appleby, Ben, Janardhan, Anupama, Xu, Ning
Primary Examiner(s)
Abedin, Shanto

Application Number

US15/462,466
Publication Number

US 20180189517A1
Time in Patent Office

1,082 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/60   Protecting data

G06F 21/6245   Protecting personal data, e...

G06Q 10/101   Collaborative creation, e.g...

H04L 67/01   Protocols

Intelligence and analysis driven security and compliance recommendations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Intelligence and analysis driven security and compliance recommendations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links