Intelligence and analysis driven security and compliance recommendations
First Claim
1. A method to provide intelligence and analysis driven security and compliance suggestions for hosted services, the method comprising:
- analyzing a tenant'"'"'s service environment to determine a need for a policy or a configuration change, wherein analyzing the tenant'"'"'s service environment comprises analyzing data, metadata, and activities associated with the tenant and one or more users;
determining, with a computing device, a suggested policy or configuration based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant;
presenting the suggested policy or configuration along with the analysis results and a prompt to confirm implementation of the suggested policy or configuration; and
upon receiving a confirmation of the implementation of the suggested policy or configuration, presenting an option to modify settings of the suggested policy or configuration.
2 Assignments
0 Petitions
Accused Products
Abstract
Hosted services provided by service provider tenants to their users are an increasingly common software usage model. The usage of such services and handling of data may be subject to regulatory, legal, and industry-based rules, where different rules may be applicable depending on the particular service, handled data, and organization type, for example. Embodiments are directed to providing intelligence and analysis driven security and compliance suggestions for hosted services to reduce the burden on tenant administrators to determine and implement applicable policies and rules. Claims are directed to determination of a suggestion based on an analysis of a tenant'"'"'s service environment, presentation of the suggestion along with analysis results and a prompt to confirm implementation of the suggestion, and upon receiving confirmation, presentation of an option to customize the suggestion by modifying settings suggested based on analysis results. The suggestion may be a policy, organization, policy customization, or organization customization.
-
Citations
18 Claims
-
1. A method to provide intelligence and analysis driven security and compliance suggestions for hosted services, the method comprising:
-
analyzing a tenant'"'"'s service environment to determine a need for a policy or a configuration change, wherein analyzing the tenant'"'"'s service environment comprises analyzing data, metadata, and activities associated with the tenant and one or more users; determining, with a computing device, a suggested policy or configuration based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant; presenting the suggested policy or configuration along with the analysis results and a prompt to confirm implementation of the suggested policy or configuration; and upon receiving a confirmation of the implementation of the suggested policy or configuration, presenting an option to modify settings of the suggested policy or configuration. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A server configured to provide intelligence and analysis driven security and compliance suggestions for hosted services, the server comprising:
-
a communication interface configured to facilitate communication between another server hosting a service, one or more client devices, and the server; a memory configured to store instructions; and one or more processors coupled to the communication interface and the memory and configured to execute a security and compliance module, wherein the security and compliance module is configured to; analyze a tenant'"'"'s service environment to determine a need for a policy or configuration by analyzing data, metadata, and activities associated with the tenant and one or more users; determine a suggested policy or configuration based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant; present the suggested policy or configuration along with the analysis results and a prompt to confirm implementation of the suggested policy or configuration; and upon receipt of a confirmation of the implementation of the suggested policy or configuration, present an option to modify settings of the suggested policy or configuration. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A system configured to provide intelligence and analysis driven security and compliance suggestions for hosted services, the system comprising:
-
a first server configured to host a service for a tenant and one or more users; and
a second server, comprising;a communication interface configured to facilitate communication between the first server and the second server; a memory configured to store instructions; and one or more processors coupled to the communication interface and the memory and configured to execute a security and compliance module, wherein the security and compliance module is configured to; receive data, metadata, and activities associated with the tenant and the one or more users from the first server; analyze the data, metadata, and activities associated with the tenant and the one or more users to determine a need for a policy, a configuration, a policy customization, or a configuration customization; determine a suggestion based on analysis results and a tenant profile, wherein the tenant profile includes one or more of an industry, a size, a geographical location, a hosted service ecosystem, a role, a regulatory requirement, and a legal requirement associated with the tenant and the suggestion includes a suggested policy, organization, policy customization, or organization customization; present the suggestion along with the analysis results and a prompt to confirm implementation of the suggestion; upon receipt of a confirmation of the implementation of the suggestion, present an option to modify settings of the suggested policy or configuration; and monitor the implemented suggestion. - View Dependent Claims (17, 18)
-
Specification