DYNAMIC EMPLOYEE SECURITY RISK SCORING

US 20110167011A1
Filed: 01/04/2010
Published: 07/07/2011
Est. Priority Date: 01/04/2010
Status: Active Application

First Claim

Patent Images

1. A method for quantifying employee security risk, the method comprising:

receiving, at a computing device, a plurality of security risk facts associated with an employee;

determining, via a computing device processor, an employee security risk score based on the plurality of security risk facts; and

storing, at computing device memory, the employee security risk score.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention relate to systems, methods, and computer program products that provide for an employee security risk score. The security risk score is presented as an extensible composite vector that supports an arbitrary number of risk categories. The risk categories can be aggregated at any level in the business hierarchy or according to any employee parameter. The simplistic, highly normalized approach to employee security risk scoring reduces redundancies and dependencies and provides for real-time updates, As such, the employee security risk scoring system provides for easily identifiable recognition of employees who pose security threats and for a means to track and monitor security risks posed by the employee based on their security risk score.

178 Citations

52 Claims

1. A method for quantifying employee security risk, the method comprising:
- receiving, at a computing device, a plurality of security risk facts associated with an employee;
  
  determining, via a computing device processor, an employee security risk score based on the plurality of security risk facts; and
  
  storing, at computing device memory, the employee security risk score.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein receiving the plurality of security risk facts further comprises receiving the plurality of security risk facts, wherein each security risk fact is associated with one of a plurality of security risk categories.
  - 3. The method of claim 2, wherein determining the employee security risk score further comprises determining, via a computing device processor, a security risk category score for each of the plurality of security risk categories.
  - 4. The method of claim 3, wherein determining the risk category score further comprises aggregating, via a computing device processor, the security risk facts associated with a security risk category to determine the security risk category score.
  - 5. The method of claim 3, further comprising weighting one or more of the security risk facts based on security risk significance prior to determining the security risk category score.
  - 6. The method of claim 3, wherein determining the employee security risk score further comprising determining, via a computing device processor, for each of the plurality of security risk categories and for a predetermined employee parameter, a security risk category average and a security risk category standard deviation.
  - 7. The method of claim 6, wherein determining the employee risk score further comprises determining, via a computing device processor, an employee parameter-specific sigma score for each of the plurality of security risk categories based on the security risk category score, the security risk category average and the security risk category standard deviation.
  - 8. The method of claim 7, wherein determining the employee parameter-specific sigma score further comprises subtracting the security risk category average from the security risk category score to result in a remainder and dividing the remainder by the security risk category standard deviation.
  - 9. The method of claim 6, wherein determining the employee risk score further comprises aggregating all positive-valued employee parameter-specific sigma scores to result in the employee risk score.
  - 10. The method of claim 6, wherein aggregating further comprises applying a predetermined weight to one or more of the positive-valued parameter-specific sigma scores, wherein the predetermined weight is based on the significance of the security risk category associated with the sigma score in determining the employee risk score.
  - 11. The method of claim 2, wherein receiving the plurality of security risk facts further comprises receiving the plurality of security risk facts, wherein each security risk fact is associated with one of the plurality of risk categories, wherein the risk categories include one or more of (1) access to non-public information, (2) consumption of non-public information, (3) ability to export data from an employer device, (4) risk triggering events, (5) hardware encountered and security risk of hardware encountered and (6) high-risk user indicators.
  - 12. The method of claim 6, wherein determining, for each of the plurality of security risk categories and for the predetermined employee parameter, the security risk category average and the security risk category standard further defines the predetermined employee parameter as a level within an employer hierarchy.
  - 13. The method of claim 12, wherein determining, for each of the plurality of security risk categories and for the predetermined employee parameter, the security risk category average and the security risk category standard further defines the predetermined employee parameter as one of job title or business unit.
  - 14. The method of claim 1, wherein receiving the plurality of security risk facts further comprises converting one or more of the security risk facts to a common security risk fact format.

15. A method for quantifying employee security risk, the method comprising:
- receiving, at a computing device, a plurality of security risk facts, wherein each security risk fact is associated with one of a plurality of security risk categories;
  
  determining, via a computing device, a security risk category score for each of the plurality of security risk categories based on one or more security risk facts associated with the security risk category;
  
  determining, via a computing device processor, for each of the plurality of security risk categories and for a predetermined employee parameter, a security risk category average and a security risk category standard;
  
  determining, via a computing device processor, an employee parameter-specific sigma score for each of the plurality of security risk categories based on the security risk category score, the security risk category average and the security risk category standard deviation;
  
  determining, via a computing device processor, an employee security risk score associated with the employee parameter based on the employee-parameter specific sigma score for each of the plurality of security risk categories; and
  
  storing, in computing device memory, the employee security risk store.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein determining the security risk category score further comprises aggregating, via a computing device processor, the security risk facts associated with a security risk category to determine the security risk category score.
  - 17. The method of claim 15, further comprising weighting one or more the security risk facts based on security risk significance prior to determining the security risk category score.
  - 18. The method of claim 15, wherein determining the employee parameter-specific sigma score further comprises subtracting the security risk category average from the security risk category score to result in a remainder and dividing the remainder by the security risk category standard deviation.
  - 19. The method of claim 15, wherein determining the employee risk score aggregating all positive-valued employee parameter-specific sigma scores to result in the employee risk score.
  - 20. The method of claim 19, wherein aggregating further comprises applying a predetermined weight to each of the positive-valued parameter-specific sigma scores, wherein the predetermined weight is based on the significance of the security risk category associated with the sigma score in determining the employee risk score.

21. An apparatus for quantifying employee security risk, the apparatus comprising:
- a computing platform including at least one processor and a memory;
  
  an employee security risk scoring module that is stored in the memory, executable by the processor, configured to receive a plurality of security risk facts associated with an employee and including,an employee security risk scoring logic configured to determine an employee security risk score based on the plurality of security risk facts.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 22. The apparatus of claim 21, wherein the employee security risk scoring module is further configured to receive the plurality of security risk facts, wherein each security risk fact is associated with one of a plurality of security risk categories.
  - 23. The apparatus of claim 22, wherein the employee security risk scoring logic further comprises a security risk category scoring routine configured to determine an employee-specific security risk category score for each of the plurality of security risk categories.
  - 24. The apparatus of claim 23, wherein the employee security category routine is further configured to aggregate the security risk facts associated with a security risk category to determine the security risk category score.
  - 25. The apparatus of claim 23, wherein the employee security risk scoring module further comprises a security risk fact weighting mechanism configured to apply a predetermined weight to one or more of the security risk facts based on security risk significance prior to determining the security risk category score.
  - 26. The apparatus of claim 23, wherein the employee security risk scoring logic further comprises,a security risk category average routine configured to determine a security risk category average for each of the plurality of security risk categories and for employees defined by a predetermined employee parameter, anda security risk category standard deviation routine configured to determine a security risk category standard deviation for each of the plurality of security risk categories and for employees defined by a predetermined employee parameter.
  - 27. The apparatus of claim 26, wherein the employee security risk scoring logic further a sigma scoring routine configured to determine an employee parameter-specific sigma score for each of the plurality of security risk categories based on the security risk category score, the security risk category average and the security risk category standard deviation.
  - 28. The apparatus of claim 27, wherein the sigma scoring routine is further configured to subtract the security risk category average from the security risk category score to result in a remainder and divide the remainder by the security risk category standard deviation to result in the sigma score.
  - 29. The apparatus of claim 28, wherein the employee risk scoring logic is further configured to aggregate all positive-valued employee parameter-specific sigma scores to result in the employee risk score.
  - 30. The apparatus of claim 29, wherein the employee risk scoring logic is further configured to apply predetermined weight to each of the positive-valued parameter-specific sigma scores, wherein the predetermined weight is based on the significance of the security risk category associated with the sigma score in determining the employee risk score.
  - 31. The apparatus of claim 22, wherein the plurality of risk categories include one or more of (1) access to non-public information, (2) consumption of non-public information, (3) ability to export data from an employer device, (4) risk triggering events, (5) hardware encountered and security risk of hardware encountered and (6) high-risk user indicators.
  - 32. The apparatus of claim 22, wherein the employee security risk scoring module is further configured to provide for dynamic user-addition or user-subtraction to the plurality of security risk categories without requiring change to the employee security risk scoring logic.
  - 33. The apparatus of claim 26, wherein the predetermined employee parameter is further defined as a level within an employer hierarchy.
  - 34. The apparatus of claim 33, wherein the predetermined employee parameter is further defined as one of job title or business unit.

35. An apparatus for quantifying employee security risk, the apparatus comprising:
- a computing platform including at least one processor and a memory;
  
  an employee security risk scoring module that is stored in the memory, executable by the processor, configured to receive a plurality of security risk facts associated with an employee and one of a plurality of security risk categories and including,an employee security risk scoring logic configured to determine an employee security risk score based on the plurality of security risk facts and including,a security risk category routine configured to determine a security risk category score for each of the plurality of security risk categories based on one or more security risk facts associated with the security risk category,a security risk category average routine configured to determine a security risk category average for each of the plurality of security risk categories and for employees defined by a predetermined employee parameter,a security risk category standard deviation routine configured to determine a security risk category standard deviation for each of the plurality of security risk categories and for employees defined by a predetermined employee parameter,a sigma scoring routine configured to determine an employee parameter-specific sigma score for each of the plurality of security risk categories based on the security risk category score, the security risk category average and the security risk category standard deviation, andemployee security risk scoring routine configured to determine the employee risk score associated with the employee parameter based on the employee-parameter specific sigma score for each of the plurality of security risk categories.
- View Dependent Claims (36, 37, 38, 39, 40, 41)
- - 36. The apparatus of claim 35, wherein the security risk category routine is further configured to aggregate the security risk facts associated with a security risk category to determine the security risk category score.
  - 37. The apparatus of claim 35, wherein the employees security risk scoring module further comprises a security risk fact weighting mechanism configured to apply a predetermined weight to one or more the security risk facts based on security risk significance prior to determining the security risk category score.
  - 38. The apparatus of claim 35, wherein the sigma scoring routine is further configured to subtract the security risk category average from the security risk category score to result in a remainder and divide the remainder by the security risk category standard deviation to result in the employee parameter-specific sigma score for each of the plurality of security risk categories.
  - 39. The apparatus of claim 35, wherein the employee risk scoring logic is further configured to aggregate all positive-valued employee parameter-specific sigma scores to result in the employee risk score.
  - 40. The apparatus of claim 39, wherein the employee risk scoring logic is further configured to apply a predetermined weight to each of the positive-valued parameter-specific sigma scores, wherein the predetermined weight is based on the significance of the security risk category associated with the sigma score in determining the employee risk score.
  - 41. The apparatus of claim 35, the employee security risk scoring module is further configured to provide for dynamic user-addition or user-subtraction to the plurality of security risk categories without requiring change to the employee security risk scoring logic.

42. A computer program product comprising:
- a computer-readable medium comprising;
  
  a first set of codes for causing a computer to receiving a plurality of security risk facts associated with an employee;
  
  a second set of codes for causing a computer to determine an employee security risk score based on the plurality of security risk facts; and
  
  a third set of codes for causing a computer to store the employee security risk score.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 43. The computer program product of claim 42, wherein the first set of codes is further configured to cause the computer to receive the plurality of security risk facts, wherein each security risk fact is associated with one of a plurality of security risk categories.
  - 44. The computer program product of claim 43, wherein the second set of codes is further configured to cause the computer to determine a security risk category score for each of the plurality of security risk categories.
  - 45. The computer program product of claim 44, wherein the second set of codes is further configured to cause the computer to aggregate the security risk facts associated with a security risk category to determine the security risk category score.
  - 46. The computer program product of claim 44, further comprising a fourth set of codes for causing a computer to apply a predetermined weight to one or more of the security risk facts based on security risk significance prior to determining the security risk category score.
  - 47. The computer program product of claim 44, wherein the second set of codes is further configured to cause the computer to determine, for each of the plurality of security risk categories and for a predetermined employee parameter, a security risk category average and a security risk category standard deviation.
  - 48. The computer program product of claim 47, wherein the second set of codes is further configured to cause the computer to determine an employee parameter-specific sigma score for each of the plurality of security risk categories based on the security risk category score, the security risk category average and the security risk category standard deviation.
  - 49. The computer program product of claim 48, wherein the second set of codes is further configured to cause the computer to subtract the security risk category average from the security risk category score to result in a remainder and dividing the remainder by the security risk category standard deviation to result in the employee parameter-specific sigma score.
  - 50. The computer program product of claim 48, wherein the second set of codes is further configured to cause the computer to aggregate all positive-valued employee parameter-specific sigma scores to result in the employee risk score.
  - 51. The computer program product of claim 50, wherein the second set of codes is further configured to cause the computer to apply a predetermined weight to each of the positive-valued parameter-specific sigma scores, wherein the predetermined weight is based on the significance of the security risk category associated with the sigma score in determining the employee risk score.
  - 52. The computer program product of claim 44, wherein the first set of codes is further configured to cause the computer to convert one or more of the security risk facts to a common security risk fact format.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Froelich, Craig, Pritmani, Ravi, Baikalov, Igor, Paltenghe, Cris T., Kirby, Craig

Granted Patent

US 10,282,702 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/320
CPC Class Codes

G06Q 10/06   Resources, workflows, human...

G06Q 10/10   Office automation; Time man...

G06Q 10/105   Human resources

G06Q 50/265   Personal security, identity...

DYNAMIC EMPLOYEE SECURITY RISK SCORING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

178 Citations

52 Claims

Specification

Solutions

Use Cases

Quick Links

DYNAMIC EMPLOYEE SECURITY RISK SCORING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

178 Citations

52 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links