×

Managing and monitoring continuous improvement in detection of compliance violations

  • US 8,812,342 B2
  • Filed: 06/15/2010
  • Issued: 08/19/2014
  • Est. Priority Date: 06/15/2010
  • Status: Active Grant
First Claim
Patent Images

1. A method performed by a computer for auditing a distributed computing environment in which a plurality of user entities has identity accounts which allow access to protected resources in the environment, comprising:

  • by a processing unit in the computer, collecting data associated with an identity account in a plurality of identity accounts, wherein the data comprises personal data about an entity associated with the identity account and at least one of compliance data associated with at least one activity performed by a user entity associated with the identity account, or prior compliance violation data associated with the at least one activity performed by the user entity associated with the identity account;

    determining a risk factor for the identity account based on the collected data;

    calculating a risk score of the identity account based on the determined risk factor; and

    auditing the identity account for compliance to a policy, wherein the identity account is audited with a respective frequency that is determined according to the risk score calculated for the identity account, wherein each of the plurality of identify accounts are audited at a respective frequency according to their own respective risk score calculated for their own respective identity account, wherein the personal data includes social media data that comprise connections or links to other entities with known prior compliance violations.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×