System and method for reducing security risk in computer network
First Claim
1. A computer-implemented method for reducing security risk in a computer network, the method comprising:
- collecting, by a processing device, from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users;
retrieving, for each computer user, a user profile comprising at least a personal and professional information of the user, and a plurality of risk factors associated with the user;
calculating, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information collected from the computer of each user;
calculating, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile;
adjusting a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated;
selecting security settings for the plurality of computers based on the security ratings of the users of said computers; and
applying the selected security setting to the plurality of computers to reduce security risk in the computer network.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are systems, methods and computer program products for reducing security risk in a computer network. The system includes an administration server that collects system usage, user profile and security incidents information from a plurality of computers in the network. The server determines values of one or more risk factors for each computer using the collected information. The server then calculates security rating of each computer user as a function of the risk factors and adjusts the calculated security rating of a given computer user based on the security ratings of other computer users with whom the given computer users communicates. The server then selects, based on the adjusted security rating, security settings for the computer of the given user in order to reduce user'"'"'s security risk to the computer network and applies the selected security settings to the computer of the given user.
-
Citations
18 Claims
-
1. A computer-implemented method for reducing security risk in a computer network, the method comprising:
-
collecting, by a processing device, from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users; retrieving, for each computer user, a user profile comprising at least a personal and professional information of the user, and a plurality of risk factors associated with the user; calculating, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information collected from the computer of each user; calculating, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile; adjusting a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated; selecting security settings for the plurality of computers based on the security ratings of the users of said computers; and applying the selected security setting to the plurality of computers to reduce security risk in the computer network. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for reducing security risk in a computer network, comprising:
-
a memory being configured to store a plurality of user profiles for a plurality of computer users, each user profile comprising at least a personal and professional information of the computer user, and a plurality of risk factors associated with the computer user; a processor coupled to the memory, the processor being configured to; receive from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users; retrieve from the memory a user profile for each computer user; calculate, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information received from the computer of each user; calculate, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile; adjust a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated; select security settings for the plurality of computers based on the security ratings of the users of said computers; and apply the selected security setting to the plurality of computers to reduce security risk in the computer network. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer program product embedded in a non-transitory computer-readable storage medium, the computer-readable storage medium comprising computer-executable instructions for reducing security risk in a computer network, the instructions for:
-
collecting, by a processing device, from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users; retrieving, for each computer user, a user profile comprising at least a personal and professional information of the user, and a plurality of risk factors associated with the user; calculating, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information collected from the computer of each user; calculating, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile; adjusting a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated; and selecting security settings for the plurality of computers based on the security ratings of the users of said computers; and applying the selected security setting to the plurality of computers to reduce security risk in the computer network. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification