Methods and systems for normalizing data loss prevention categorization information
First Claim
1. A computer-implemented method for normalizing data-loss-prevention categorization information, at least a portion of the method being performed by a computing system comprising at least one processor, the method comprising:
- identifying a data object at a first time;
applying a set of data-loss-prevention rules to the data object to determine a set of categorizations of the data object;
distinguishing a set of content-based categorizations in the set of categorizations from a set of context-based categorizations in the set of categorizations;
storing the set of content-based categorizations;
applying, based on the set of categorizations, a first data-loss-prevention policy to the data object;
identifying the data object at a second time;
reusing the set of content-based categorizations to apply a second data-loss-prevention policy to the data object, wherein reusing the set of content-based categorizations to apply the second data-loss-prevention policy to the data object comprises;
determining a new set of context-based categorizations of the data object at the second time;
forming a new set of categorizations based on the new set of context-based categorizations and the set of content-based categorizations; and
applying, based on the new set of categorizations, the second data-loss-prevention policy to the data object.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for normalizing data-loss-prevention categorization information, at least a portion of the method being performed by a computing system comprising at least one processor, may identify a data object at a first time. The method may apply a first version of a set of data-loss-prevention rules to the data object to determine a set of categorizations of the data object. The method may distinguish a set of content-based categorizations in the set of categorizations from a set of context-based categorizations in the set of categorizations. The method may apply, based on the set of categorizations, a first data-loss-prevention policy to the data object. The method may identify the data object at a second time, and apply, based on the set of content-based categorizations, a second data-loss-prevention policy to the data object. Various other methods, systems, and computer-readable media are also disclosed.
72 Citations
19 Claims
-
1. A computer-implemented method for normalizing data-loss-prevention categorization information, at least a portion of the method being performed by a computing system comprising at least one processor, the method comprising:
-
identifying a data object at a first time; applying a set of data-loss-prevention rules to the data object to determine a set of categorizations of the data object; distinguishing a set of content-based categorizations in the set of categorizations from a set of context-based categorizations in the set of categorizations; storing the set of content-based categorizations; applying, based on the set of categorizations, a first data-loss-prevention policy to the data object; identifying the data object at a second time; reusing the set of content-based categorizations to apply a second data-loss-prevention policy to the data object, wherein reusing the set of content-based categorizations to apply the second data-loss-prevention policy to the data object comprises; determining a new set of context-based categorizations of the data object at the second time; forming a new set of categorizations based on the new set of context-based categorizations and the set of content-based categorizations; and applying, based on the new set of categorizations, the second data-loss-prevention policy to the data object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer-implemented method for normalizing data-loss-prevention categorization information, at least a portion of the method being performed by a computing system comprising at least one processor, the method comprising:
-
identifying a data object at a first time; applying a first version of a set of data-loss-prevention rules to the data object to determine a set of categorizations of the data object; distinguishing a set of content-based categorizations in the set of categorizations from a set of context-based categorizations in the set of categorizations; applying, based on the set of categorizations, a first data-loss-prevention policy to the data object;
identifying the data object at a second time;determining a difference between a first state of the set of data-loss-prevention rules at the first time and a second state of the set of data-loss-prevention rules at the second time; determining, based on the difference, whether to use the set of content-based categorizations to apply a second data-loss-prevention policy to the data object; reusing the set of content-based categorizations to apply the second data-loss-prevention policy to the data object, wherein reusing the set of content-based categorizations to apply the second data-loss-prevention policy to the data object comprises; determining a new set of context-based categorizations of the data object at the second time; forming a new set of categorizations based on the new set of context-based categorizations and the set of content-based categorizations; and applying, based on the new set of categorizations, the second data-loss-prevention policy to the data object. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A system for normalizing data-loss-prevention categorization information, the system comprising:
-
at least one processor; an identification module programmed to cause the at least one processor to identify a data object at a first time and a second time; a content-extraction module programmed to cause the at least one processor to extract content from the data object; a content-matching module programmed to cause the at least one processor to apply a first version of a set of data-loss-prevention rules to the data object to determine a set of categorizations of the data object; a categorization-normalization module programmed to cause the at least one processor to distinguish a set of content-based categorizations in the set of categorizations from a set of context-based categorizations in the set of categorizations; an enforcement module programmed to cause the at least one processor to apply, based on the set of categorizations, a first data-loss-prevention policy to the data object; an applicability module programmed to; determine a difference between a first state of the set of data-loss-prevention rules at the first time and a second state of the set of data-loss-prevention rules at the second time; determine, based on the difference, whether to use the set of content-based categorizations to apply a second data-loss-prevention policy to the data object; wherein the enforcement module is programmed to; reuse the set of content-based categorizations to apply the second data-loss-prevention policy to the data object, wherein the enforcement module is programmed to reuse the set of content-based categorizations to apply the second data-loss-prevention policy to the data object by; determining a new set of context-based categorizations of the data object at the second time; forming a new set of categorizations based on the new set of context-based categorizations and the set of content-based categorizations; and applying, based on the new set of categorizations, the second data-loss-prevention policy to the data object. - View Dependent Claims (18, 19)
-
Specification