×

Method to improve data loss prevention via cross leveraging fingerprints

  • US 8,250,085 B1
  • Filed: 12/18/2008
  • Issued: 08/21/2012
  • Est. Priority Date: 12/18/2008
  • Status: Expired due to Fees
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • obtaining, by a data loss protection (DLP) service provider, fingerprints of confidential source data of a plurality of organizations;

    distributing, by the DLP service provider, DLP policies defined by the plurality of organizations across DLP systems of the plurality of organizations, the DLP policies specifying conditions to trigger a violation based on regulations concerning handling of sensitive data maintained by the plurality of organizations;

    sharing, by the DLP service provider, the fingerprints of the confidential source data of the plurality of organizations across DLP systems of the plurality of organizations, the plurality of fingerprints being associated with an identifier of a corresponding organization of the plurality of organizations that provided the fingerprints to the DLP service provider, the identifier not revealing an identity of the corresponding organization;

    causing, by the DLP service provider, a DLP system of each of the plurality of organizations to monitor information content to detect policy violations of the plurality of organizations based on the DLP policies of the plurality of organizations using the shared fingerprints;

    causing one or more users within a first organization of the plurality of organizations to be notified about a detection of a policy violation of a DLP policy of a second organization of the plurality of organizations in information content of the first organization without revealing an identity of the second organization;

    receiving, by the DLP service provider, information on the detection of the DLP policy violation of the second organization from a DLP system of the first organization, the information including an identifier of the second organization;

    identifying, by the DLP service provider, the second organization based on the identifier included in the received information; and

    notifying, by the DLP service provider, one or more users within the second organization about the detection of the policy violation of a DLP policy of the second organization in the information content.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×