Method and apparatus for creating an information security policy based on a pre-configured template
First Claim
Patent Images
1. A method comprising:
- identifying, by a computer system, one of a plurality of policy templates, wherein each of the plurality of policy templates includes information for creation of one or more policies for preventing use-restricted content from being sent over a network and a plurality of rules specifying conditions that trigger a policy violation;
identifying, by the computer system, source data having a tabular structure, the source data including a plurality of data elements having the use-restricted content; and
automatically creating, by the computer system, a first policy based on the identified policy template and the source data, wherein creating the first policy comprises comparing sets of columns specified in the plurality of rules of the policy template to columns of the source data, wherein the first policy is used for preventing presence of the plurality of data elements in a message sent by a user over the network, the plurality of data elements having the use-restricted content and being from the tabular structure of the identified source data, the first policy triggering an action involving the message upon detecting, in the message being sent by the user, information matching the plurality of data elements having the use-restricted content from the tabular structure of the identified source data.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for creating a policy based on a pre-configured template is described. In one embodiment, source data having a tabular structure is identified. Further, one of multiple policy templates is used to automatically create a policy for detecting information from any one or more rows within the tabular structure of the source data.
158 Citations
35 Claims
-
1. A method comprising:
-
identifying, by a computer system, one of a plurality of policy templates, wherein each of the plurality of policy templates includes information for creation of one or more policies for preventing use-restricted content from being sent over a network and a plurality of rules specifying conditions that trigger a policy violation; identifying, by the computer system, source data having a tabular structure, the source data including a plurality of data elements having the use-restricted content; and automatically creating, by the computer system, a first policy based on the identified policy template and the source data, wherein creating the first policy comprises comparing sets of columns specified in the plurality of rules of the policy template to columns of the source data, wherein the first policy is used for preventing presence of the plurality of data elements in a message sent by a user over the network, the plurality of data elements having the use-restricted content and being from the tabular structure of the identified source data, the first policy triggering an action involving the message upon detecting, in the message being sent by the user, information matching the plurality of data elements having the use-restricted content from the tabular structure of the identified source data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A system comprising:
-
a memory hosting a template data store to store a plurality of policy templates, wherein each of the plurality of policy templates includes information for creation of one or more policies for preventing use-restricted content from being sent over a network and a plurality of rules specifying conditions that trigger a policy violation; and a processor coupled to the memory, to cause a policy specifier to identify source data having a tabular structure, the source data including the use-restricted content, and to automatically create a first policy based on the identified policy template and the source data, wherein creating the first policy comprises comparing sets of columns specified in the plurality of rules of the policy template to columns of the source data, wherein the first policy is used for preventing presence of the plurality of data elements in a message sent by a user over the network, the plurality of data elements having the use-restricted content and being from the tabular structure of the identified source data, the first policy triggering an action involving the message upon detecting, in the message being sent by the user, information matching the plurality of data elements having the use-restricted content from the tabular structure of the identified source data. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A non-transitory computer readable medium that provides instructions, which when executed on a processor causes the processor to perform a method comprising:
-
identifying, by a computer system, one of a plurality of policy templates, wherein each of the plurality of policy templates includes information for creation of one or more policies for preventing use-restricted content from being sent over a network and a plurality of rules specifying conditions that trigger a policy violation; identifying, by the computer system, source data having a tabular structure, the source data including a plurality of data elements having the use-restricted content; and automatically creating, by the computer system, a first policy based on the identified policy template and the source data, wherein creating the first policy comprises comparing sets of columns specified in the plurality of rules of the policy template to columns of the source data, wherein the first policy is used for preventing presence of the plurality of data elements in a message sent by a user over the network, the plurality of data elements having the use-restricted content and being from the tabular structure of the identified source data, the first policy triggering an action involving the message upon detecting, in the message being sent by the user, information matching the plurality of data elements having the use-restricted content from the tabular structure of the identified source data.
-
Specification