Method to calculate a risk score of a folder that has been scanned for confidential information
First Claim
Patent Images
1. A method comprising:
- obtaining, by a computer system, a severity level associated with a data object, wherein the severity level is calculated based on presence of confidential information in the data object, the data object being a file or a folder, the severity level being calculated using a data loss prevention policy in response to a violation of the data loss prevention policy;
obtaining, by the computer system, metadata associated with the data object based on a configuration parameter, the metadata comprising at least one of access permission data for the data object and access usage data for the data object, wherein the configuration parameter defines the metadata to obtain to calculate a risk score; and
calculating, by the computer system, the risk score for the data object based on the severity level and the metadata associated with the data object.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for calculating a risk score of a data object may include obtaining a severity level associated with a data object. The severity level may be calculated based on presence of confidential information in the data object. The data object may be a file or a folder. The severity level may be calculated using a data loss prevention policy. The method may further include obtaining metadata associated with the data object. The metadata may comprise at least one of access permission data for the data object and access usage data for the data object. The method may further include calculating a risk score for the data object based on the severity level and the metadata associated with the data object.
54 Citations
12 Claims
-
1. A method comprising:
-
obtaining, by a computer system, a severity level associated with a data object, wherein the severity level is calculated based on presence of confidential information in the data object, the data object being a file or a folder, the severity level being calculated using a data loss prevention policy in response to a violation of the data loss prevention policy; obtaining, by the computer system, metadata associated with the data object based on a configuration parameter, the metadata comprising at least one of access permission data for the data object and access usage data for the data object, wherein the configuration parameter defines the metadata to obtain to calculate a risk score; and calculating, by the computer system, the risk score for the data object based on the severity level and the metadata associated with the data object. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer readable storage medium that provides instructions, which when executed on a computer system cause the computer system to perform operations comprising:
-
obtaining a severity level associated with a data object, wherein the severity level is calculated based on presence of confidential information in the data object, the data object being a file or a folder, the severity level being calculated using a data loss prevention policy in response to a violation of the data loss prevention policy; obtaining metadata associated with the data object based on a configuration parameter, the metadata comprising at least one of access permission data for the data object and access usage data for the data object, wherein the configuration parameter defines the metadata to obtain to calculate a risk score; and calculating the risk score for the data object based on the severity level and the metadata associated with the data object. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A system, comprising:
-
a memory; and a processor coupled with the memory to obtain a severity level associated with a data object, wherein the severity level is calculated based on presence of confidential information in the data object, the data object being a file or a folder, the severity level being calculated using a data loss prevention policy in response to a violation of the data loss prevention policy; obtain metadata associated with the data object based on a configuration parameter, the metadata comprising at least one of access permission data for the data object and access usage data for the data object, wherein the configuration parameter defines the metadata to obtain to calculate a risk score; and calculate the risk score for the data object based on the severity level and the metadata associated with the data object. - View Dependent Claims (12)
-
Specification