Adaptive data loss prevention policies
First Claim
Patent Images
1. A method of safeguarding sensitive information comprising:
- detecting, by a monitoring application of a computing device, a policy violation on the computing device, wherein the policy violation comprises a user attempt to perform an operation to move data comprising the sensitive information off of the computing device;
determining whether one or more previous policy violations have occurred on the computing device, wherein the one or more previous policy violations comprise other attempts of the user to perform an operation to move the data comprising the sensitive information off of the computing device; and
performing an action to minimize a risk of data loss based on the one or more previous policy violations and a sequential order that the one or more previous policy violations occurred, wherein the performing the action further comprises;
performing a first action to minimize the risk of the data loss in response to determining that no previous policy violations occurred on the computing device; and
performing a second action to minimize the risk of the data loss in response determining that the one or more previous policy violations occurred on the computing device, wherein the second action depends on a number, a severity, and the sequential order of the one or more previous policy violations.
2 Assignments
0 Petitions
Accused Products
Abstract
A monitor detects a policy violation on a computing device, wherein the policy violation includes a user attempt to perform an operation to move data that includes sensitive information off the computing device. The monitor determines whether one or more previous policy violations have occurred on the computing device. The monitor performs an action to minimize a risk of data loss based on the one or more previous policy violations.
101 Citations
21 Claims
-
1. A method of safeguarding sensitive information comprising:
-
detecting, by a monitoring application of a computing device, a policy violation on the computing device, wherein the policy violation comprises a user attempt to perform an operation to move data comprising the sensitive information off of the computing device; determining whether one or more previous policy violations have occurred on the computing device, wherein the one or more previous policy violations comprise other attempts of the user to perform an operation to move the data comprising the sensitive information off of the computing device; and performing an action to minimize a risk of data loss based on the one or more previous policy violations and a sequential order that the one or more previous policy violations occurred, wherein the performing the action further comprises; performing a first action to minimize the risk of the data loss in response to determining that no previous policy violations occurred on the computing device; and performing a second action to minimize the risk of the data loss in response determining that the one or more previous policy violations occurred on the computing device, wherein the second action depends on a number, a severity, and the sequential order of the one or more previous policy violations. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computing apparatus comprising:
-
a memory; a processing device communicably coupled to the memory; a policy violation detector executed from the memory by the processing device, the policy violation detector configured to detect a policy violation on the computing apparatus, wherein the policy violation comprises a user attempt to perform an operation to move data comprising sensitive information off of the computing apparatus; and a policy violation responder executed from the memory by the processing device, the policy violation responder configured to; determine whether one or more previous policy violations have occurred on the computing device, wherein the one or more previous policy violations comprise other attempts of the user to perform an operation to move the data comprising the sensitive information off of the computing device; and perform an action to minimize a risk of data loss based on the one or more previous policy violations and a sequential order that the one or more previous policy violations occurred, wherein performing the action further comprises the policy violation responder to; perform a first action to minimize the risk of the data loss in response to determining that no previous policy violations occurred on the computing device; and perform a second action to minimize the risk of the data loss in response determining that the one or more previous policy violations occurred on the computing device, wherein the second action depends on a number, a severity, and the sequential order of the one or more previous policy violations. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer readable medium including instructions that, when executed by a processing system, cause the processing system to perform a method of safeguarding sensitive information, comprising:
-
detecting, by a monitoring application of a computing device comprising the processing system, a policy violation on the computing device, wherein the policy violation comprises a user attempt to perform an operation to move data comprising the sensitive information off of the computing device; determining whether one or more previous policy violations have occurred on the computing device, wherein the one or more previous policy violations comprise other attempts of the user to perform an operation to move the data comprising the sensitive information off of the computing device; and performing an action to minimize a risk of data loss based on the one or more previous policy violations and a sequential order that the one or more previous policy violations occurred, wherein the performing the action further comprises; performing a first action to minimize the risk of the data loss in response to determining that no previous policy violations occurred on the computing device; and performing a second action to minimize the risk of the data loss in response determining that the one or more previous policy violations occurred on the computing device, wherein the second action depends on a number, a severity, and the sequential order of the one or more previous policy violations. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification