
Preventing secure data from leaving the network perimeter

  • US 8,316,442 B2
  • Filed: 01/15/2008
  • Issued: 11/20/2012
  • Est. Priority Date: 01/15/2008
  • Status: Active Grant
First Claim

1. A method for preventing secure data from leaving a perimeter of an enterprise network, wherein an edge device couples the enterprise network to an external network, and the edge device has access to all traffic that flows inbound and outbound between the enterprise network and the external network, the method comprising the steps of:

  • computing a plurality of hashes for a data file to uniquely identify the data file as a secure data being subject to restrictions on leaving the enterprise network perimeter;
  • sending the plurality of hashes to the edge device;
  • storing the plurality of hashes at the edge device;
  • in response to a user of a host downloading the secure data from the enterprise network, a client agent running on a host machine, tracking any modification made to the secure data by the user;
  • when the secure data is modified by the user on the host machine, computing a hash for the modified secure data;
  • sending the hash for the modified secure data to the edge device;
  • monitoring, by the edge device, outbound data that is being sent out across the enterprise network;
  • computing, by the edge device, a hash of the outbound data;
  • comparing, by the edge device, the hash of the outbound data to each of the plurality of stored hashes, the stored hashes being associated with respective data files that are each designated by an administrator or authorized user of the enterprise network;
  • blocking, by the edge device, the outbound data from leaving the perimeter if the hash of the outbound data matches one of the stored hashes;
  • providing data from the edge device to the administrator or authorized user of the enterprise network, including an identity of secure data, an identity of who accessed the secure data, and when the secure data was accessed; and
  • providing an indication, from the edge device to the administrator or authorized user of the enterprise network, of actions taken by the edge device in response to results of the comparing step.
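The claim above describes a hash-matching data-loss-prevention loop: an administrator designates a file, its hashes are stored at the edge device, a host-side agent re-hashes the file whenever the user edits it, and the edge device hashes every outbound payload and blocks anything that matches while recording who sent what and when. The following Python simulation is an added example written for this page; it is not code from the patent or from any product, and it makes two assumptions of its own: that the claim's "plurality of hashes" is a whole-file SHA-256 plus one SHA-256 per fixed-size chunk, and that the constructed sample content, user names and file identity are placeholders. The `EdgeDevice`, `ClientAgent` and `demo` names are the example's, not the patent's.

```python
from __future__ import annotations
import hashlib
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Optional, Set

CHUNK_SIZE = 16  # constructed: tiny so the short sample text below spans several chunks


def compute_hashes(data: bytes, chunk_size: int = CHUNK_SIZE) -> Set[str]:
    """Whole-object hash plus one hash per fixed-size chunk.

    Assumption: this is one reading of the claim's "plurality of hashes".
    Chunk hashes let the edge device recognise a chunk-aligned fragment of the
    file, not only a byte-for-byte copy.
    """
    hashes = {hashlib.sha256(data).hexdigest()}
    for off in range(0, len(data), chunk_size):
        hashes.add(hashlib.sha256(data[off:off + chunk_size]).hexdigest())
    return hashes


@dataclass
class EdgeDevice:
    """Stores designated hashes, inspects outbound data, reports to the administrator."""
    registry: Dict[str, str] = field(default_factory=dict)  # hash -> secure-data identity
    audit: List[dict] = field(default_factory=list)          # records handed to the admin

    def store_hashes(self, file_id: str, hashes: Set[str]) -> None:
        """'storing the plurality of hashes at the edge device'."""
        for h in hashes:
            self.registry[h] = file_id

    def inspect_outbound(self, data: bytes, sender: str,
                         when: Optional[datetime] = None) -> dict:
        """Hash the outbound payload, compare against the registry, block on a match,
        and record identity of the secure data, who sent it, when, and the action."""
        when = when or datetime.now(timezone.utc)
        matched = {self.registry[h] for h in compute_hashes(data) if h in self.registry}
        record = {
            "who": sender,
            "when": when.isoformat(),
            "secure_data": sorted(matched),
            "action": "blocked" if matched else "allowed",
        }
        self.audit.append(record)
        return record


class ClientAgent:
    """Runs on the host; re-hashes a downloaded copy whenever the user edits it."""

    def __init__(self, edge: EdgeDevice, user: str) -> None:
        self.edge, self.user = edge, user
        self.tracked: Dict[str, bytes] = {}  # file_id -> current content on the host

    def download(self, file_id: str, content: bytes) -> None:
        self.tracked[file_id] = content

    def modify(self, file_id: str, new_content: bytes) -> None:
        self.tracked[file_id] = new_content
        # The edited copy gets its own hashes so the edge device still recognises it;
        # without this step any one-byte edit would defeat whole-file matching.
        self.edge.store_hashes(file_id, compute_hashes(new_content))


def demo() -> List[dict]:
    """Run the whole loop on constructed data and return the edge device's decisions."""
    edge = EdgeDevice()
    secret = b"Q3 acquisition target list: ACME, Globex, Initech (constructed sample)"
    edge.store_hashes("acq-list.txt", compute_hashes(secret))  # administrator designates the file

    agent = ClientAgent(edge, user="alice")
    agent.download("acq-list.txt", secret)
    edited = secret + b" -- updated by alice"
    agent.modify("acq-list.txt", edited)

    return [
        edge.inspect_outbound(secret, "alice"),                 # exact copy: blocked
        edge.inspect_outbound(edited, "alice"),                 # edited copy: blocked
        edge.inspect_outbound(secret[:CHUNK_SIZE], "alice"),    # chunk-aligned fragment: blocked
        edge.inspect_outbound(b"lunch menu for friday", "bob"), # unrelated traffic: allowed
    ]


if __name__ == "__main__":
    for rec in demo():
        print(rec)
```

Two limitations of the simulated scheme are worth keeping in mind. Fixed-offset chunk hashes only catch fragments that start on a chunk boundary, and an excerpt that starts mid-chunk, or content that has been re-encoded or compressed in transit, produces none of the stored hashes; the client agent's re-hashing of modified copies closes the edit case but not the transformation case. And because the edge device keys its decisions on hashes of designated files, the audit record can only name the file identity associated with a matching hash, so the administrator's report is only as complete as the registry.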

  • 2 Assignments