SYSTEMS AND METHODS FOR CLOUD DATA LOSS PREVENTION INTEGRATION
Abstract
A system, method, and computer readable medium is provided to provide an integrated storage system. For example, an embodiment may detect, by an enterprise computer system, an activity notification from a cloud service that stores data on behalf of an enterprise. The activity notification may specify a file name involved in an activity performed by the cloud service (e.g., creating or modifying a file). The enterprise computer system may then download a file (or contents thereof) from the cloud service using the file name specified by the activity notification. After downloading the file, the enterprise computer system may analyze the file against a data loss prevention rule. Based on an outcome from the data loss prevention rule, the enterprise computer system may communicate an action response to the cloud service. The action response may direct the cloud service to perform an action on the file stored by the cloud service.
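The flow in the abstract can be sketched end to end as follows. This is an added example, not code from the patent: the in-memory cloud stub, the card-number rule, and the "quarantine"/"allow" action names are all assumptions chosen for illustration.

```python
import re
from collections import Counter, deque

# Constructed stand-in for the cloud service: file name -> contents, plus a log
# of the action responses it receives. Not a real provider API.
CLOUD_FILES = {
    "q3-payments.txt": "refund to card 4111 1111 1111 1111 approved",
    "order-ids.txt": "tracking 1234 5678 9012 3456 shipped",
    "notes.txt": "lunch menu for friday",
}
CLOUD_ACTIONS = []

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits):
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def dlp_rule(content):
    """Hypothetical DLP rule: True when content holds a Luhn-valid card number."""
    return any(luhn_ok(re.sub(r"\D", "", m.group()))
               for m in CARD_RE.finditer(content))

def run_pipeline(notifications, user_id):
    """Queue notifications, then download, analyze, respond and tally a report."""
    queue = deque(notifications)        # queued before any download happens
    report = Counter()
    while queue:
        note = queue.popleft()
        content = CLOUD_FILES.get(note["file_name"])    # download by file name
        if content is None:             # file removed since the notification
            report["missing"] += 1
            continue
        # Analysis runs here, outside the cloud service; only the verdict goes back.
        action = "quarantine" if dlp_rule(content) else "allow"
        CLOUD_ACTIONS.append(
            {"file_name": note["file_name"], "user": user_id, "action": action})
        report[action] += 1
    return dict(report)
```

The second sample file contains a 16-digit run that fails the Luhn check, so it is allowed rather than quarantined; a notification for a file that no longer exists is counted in the report instead of stopping the queue.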
20 Claims
1. A computer-implemented system comprising:
a job scheduler implemented by one or more processors and configured to receive an activity notification from a cloud service that stores data on behalf of an enterprise, the activity notification specifying a file name of a file involved in an activity performed by the cloud service;
the job scheduler further configured to, responsive to receiving the activity notification, storing the activity notification in a queue prior to downloading the file from the cloud service;
a backend server implemented by one or more processors and configured to download the file from the cloud service using the file name specified by the activity notification and an enterprise user identifier;
a data loss prevention engine, implemented by one or more processors, wherein the data loss prevention engine is separate from the cloud service, and configured to analyze the downloaded file against a data loss prevention rule which identifies and tracks confidential data;
the backend server is further configured to, responsive to an outcome of an analysis of the downloaded file against the data loss prevention rule, communicate an action response to the cloud service directing the cloud service to perform an action on the file stored by the cloud service, the action being based on the outcome of the analysis;
the analysis by the one or more processors is performed independently of any logic residing on, or operations performed by, the cloud based service; and
the data loss prevention engine further configured to generate a report that tracks and reports on the activity notification.
Dependent claims: 3, 4, 5, 6, 7, 8, 9, 10
2. (canceled)
11. A computer-implemented method comprising:
receiving an activity notification from a cloud service that stores data on behalf of an enterprise, the activity notification specifying a file name of a file involved in an activity performed by the cloud service;
responsive to receiving the activity notification, storing the activity notification in a queue prior to downloading the file from the cloud service;
downloading the file from the cloud service using the file name specified by the activity notification;
analyzing, by one or more processors, the downloaded file against a data prevention loss rule, wherein the analysis of the one or more processors is performed independently of any logic residing on, or operations performed by, the cloud based service;
responsive to an outcome of the analyzing of the downloaded file against the data loss prevention rule, communicating an action response to the cloud service, the action response directing the cloud service to perform an action on the file stored by the cloud service based on the outcome of the analyzing; and
generating a report on the activity notification over a time period.
Dependent claims: 13, 14, 15, 16, 17, 18, 19
12. (canceled)
20. A non-transitory computer-readable medium storing executable instructions thereon, which, when executed by a processor, cause the processor to perform operations comprising:
detecting an activity notification from a cloud service that stores data on behalf of an enterprise, the activity notification specifying a file name of a file involved in an activity performed by the cloud service;
responsive to receiving the activity notification, storing the activity notification in a queue prior to downloading the file from the cloud service;
downloading the file from the cloud service using the file name specified by the activity notification;
analyzing the downloaded file against a data loss prevention rule, wherein the analysis is performed independently of any logic residing on, or operations performed by, the cloud based service;
responsive to an outcome of the analyzing of the downloaded file against the data loss prevention rule, communicating an action response to the cloud service, the action response directing the cloud service to perform an action on the file stored by the cloud service, the action being based on the outcome of the analyzing; and
generating a report on the activity notification.
Specification