×

Remedial actions based on user risk assessments

  • US 10,581,896 B2
  • Filed: 03/08/2017
  • Issued: 03/03/2020
  • Est. Priority Date: 12/30/2016
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • receiving, at a data processing apparatus and for each of a plurality of users within an organization;

    (i) user activity data describing a plurality of actions taken by the user by use of a user device over a period of time and risks associated with the actions, and (ii) user responsibility data describing responsibilities of the user within the organization, wherein;

    the user responsibility data comprises sensitivity assessment data characterizing a security risk associated with data to which the user has access; and

    the plurality of users within the organization comprises users having access to data associated with different security risks;

    processing, by the data processing apparatus and for each user;

    (i) the user activity data describing the actions taken by the user by use of the user device over the period of time and the risks associated with the actions, and (ii) the user responsibility data describing the responsibilities of the user within the organization, using a risk model to generate a risk assessment representative of a security risk resulting from the actions taken by the user by use of the user device; and

    determining, by the data processing apparatus, for each user and based on the risk assessment generated for the user, whether to implement a user-specific remedial action directed to risk mitigation, wherein the user-specific remedial action includes presenting a message to the user requesting that the user provide additional input before executing a current user device action being attempted by the user.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×