Systems and methods for enforcing data-loss-prevention policies using mobile sensors
First Claim
1. A computer-implemented method for enforcing data-loss-prevention policies using mobile sensors, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- detecting an attempt by a user to access sensitive data on a mobile computing device;
collecting, via at least one sensor of the mobile computing device, audio sensor data that is indicative of an environment in which the user is attempting to access the sensitive data;
determining a privacy level of the environment by comparing the audio sensor data with a set of predefined audio profiles of environments, whereina first predefined audio profile within the set of predefined audio profiles is correlated with a first risk of data loss;
a second predefined audio profile within the set of predefined audio profiles is correlated with a second risk of data loss that is different than the first risk of data loss;
restricting, based at least in part on the privacy level of the environment determined by comparing the audio sensor data with the set of predefined audio profiles, the attempt by the user to access the sensitive data.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for enforcing data-loss-prevention policies using mobile sensors may include (1) detecting an attempt by a user to access sensitive data on a mobile computing device, (2) collecting, via at least one sensor of the mobile computing device, sensor data that indicates an environment in which the user is attempting to access the sensitive data, (3) determining, based at least in part on the sensor data, a privacy level of the environment, and (4) restricting, based at least in part on the privacy level of the environment, the attempt by the user to access the sensitive data according to a DLP policy. Various other methods, systems, and computer-readable media are also disclosed.
-
Citations
20 Claims
-
1. A computer-implemented method for enforcing data-loss-prevention policies using mobile sensors, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
detecting an attempt by a user to access sensitive data on a mobile computing device; collecting, via at least one sensor of the mobile computing device, audio sensor data that is indicative of an environment in which the user is attempting to access the sensitive data; determining a privacy level of the environment by comparing the audio sensor data with a set of predefined audio profiles of environments, wherein a first predefined audio profile within the set of predefined audio profiles is correlated with a first risk of data loss; a second predefined audio profile within the set of predefined audio profiles is correlated with a second risk of data loss that is different than the first risk of data loss; restricting, based at least in part on the privacy level of the environment determined by comparing the audio sensor data with the set of predefined audio profiles, the attempt by the user to access the sensitive data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A system for enforcing data-loss-prevention policies using mobile sensors, the system comprising:
-
a detection module programmed to detect an attempt by a user to access sensitive data on a mobile computing device; a collection module programmed to collect, via at least one sensor of the mobile computing device, image sensor data that is indicative of an environment in which the user is attempting to access the sensitive data; a determination module programmed to determine a privacy level of the environment by determining a number or proximity of people in the environment based at least in part on the image sensor data, wherein; a first number or proximity of people in the environment is correlated with a first risk of data loss; a second number or proximity of people in the environment is correlated with a second risk of data loss that is different than the first risk of data loss; a restricting module programmed to restrict, based at least in part on the privacy level of the environment determined by determining the number or proximity of people in the environment based on the image sensor data, the attempt by the user to access the sensitive data; at least one computer processor that executes the detection module, the collection module, the determination module, and the restricting module. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
detect an attempt by a user to access sensitive data on a mobile computing device; collect, via at least one sensor of the mobile computing device, audio sensor data that is indicative of an environment in which the user is attempting to access the sensitive data; determine a privacy level of the environment by comparing the audio sensor data with a set of predefined audio profiles of environments, wherein a first predefined audio profile within the set of predefined audio profiles is correlated with a first risk of data loss; a second predefined audio profile within the set of predefined audio profiles is correlated with a second risk of data loss that is different than the first risk of data loss; restrict, based at least in part on the privacy level of the environment determined by comparing the audio sensor data with the set of predefined audio profiles, the attempt by the user to access the sensitive data.
-
Specification