Methods and apparatus for analyzing social media for enterprise compliance issues

US 8,972,511 B2
Filed: 09/07/2012
Issued: 03/03/2015
Est. Priority Date: 06/18/2012
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a risk analysis module implemented in at least one of a memory or a processing device, the risk analysis module configured to receive, from a source communication device, a message addressed to a destination communication device and having an untracked attachment, the risk analysis module configured to analyze content of the untracked attachment to determine a risk level associated with the content of the untracked attachment; and

a file tracking module, remote from the destination communication device, configured to define, based on the untracked attachment, a tracked attachment in response to the risk level satisfying a criterion, the file tracking module configured to send a message having the tracked attachment to the destination communication device such that the tracked attachment sends periodic requests for updates from the destination communication device to the file tracking module, the file tracking module configured to receive, from the destination communication device, a confirmation in response to the tracked attachment being opened at the destination communication device.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some embodiments, a non-transitory processor-readable medium includes code that causes a processor to receive, at a compliance device, a message from a source communication device addressed to a destination communication device. The code causes the processor to analyze at a context engine, the content of the message to determine a first risk level associated with a preference of an organization. The code further causes the processor to analyze at a regulatory engine, the content of the message to determine a second risk level associated with a regulatory standard of a specific industry and to define a composite risk level based on the first risk level and the second risk level. The code further causes the processor to send a notification to an administrator if the composite risk level satisfies a criterion, and to send the message to the destination communication device irrespective of the composite risk level.

40 Citations

View as Search Results

24 Claims

1. An apparatus, comprising:
- a risk analysis module implemented in at least one of a memory or a processing device, the risk analysis module configured to receive, from a source communication device, a message addressed to a destination communication device and having an untracked attachment, the risk analysis module configured to analyze content of the untracked attachment to determine a risk level associated with the content of the untracked attachment; and
  
  a file tracking module, remote from the destination communication device, configured to define, based on the untracked attachment, a tracked attachment in response to the risk level satisfying a criterion, the file tracking module configured to send a message having the tracked attachment to the destination communication device such that the tracked attachment sends periodic requests for updates from the destination communication device to the file tracking module, the file tracking module configured to receive, from the destination communication device, a confirmation in response to the tracked attachment being opened at the destination communication device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The apparatus of claim 1, wherein the message having the untracked attachment is a first instance of an electronic mail (email) message, the message having the tracked attachment is a second instance of the email message.
  - 3. The apparatus of claim 1, wherein the message having the untracked attachment is a first instance of a message to be posted on a social network website, the message having the tracked attachment is a second instance of the message to be posted on the social network website.
  - 4. The apparatus of claim 1, wherein the file tracking module is configured to determine that a version associated with the tracked attachment is an outdated version in response to the confirmation, the file tracking module configured to send an updated version of the tracked attachment to the destination communication device such that the outdated version of the tracked attachment is replaced by the updated version of the tracked attachment at the destination communication device.
  - 5. The apparatus of claim 1, wherein the file tracking module is configured to define the tracked attachment to include an expiration associated with a specific number of times such that the tracked attachment is automatically removed from the destination communication device after the tracked attachment is accessed the specific number of times at the destination communication device.
  - 6. The apparatus of claim 1, wherein the untracked attachment and the tracked attachment are instances of a first version of an attachment, the file tracking module configured to send an instance of a second version of the attachment defined after the first version to the destination communication device such that the destination communication device replaces the first version with the second version.
  - 7. The apparatus of claim 1, wherein the risk level is a composite risk level generated at least in part based on two different risk analysis methods.
  - 8. The apparatus of claim 1, further comprising:
    - a notification module configured to send a notification to an administrator in response to the risk level satisfying the criterion.
  - 9. The apparatus of claim 1, wherein the untracked attachment is unlocked, the file tracking module configured to define the tracked attachment to be locked such that the destination communication device is able to open the tracked attachment but unable to modify the tracked attachment.
  - 10. The apparatus of claim 1, wherein the tracked attachment includes at least one of a cookie, a JavaScript portion, or metadata.

11. A non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to:
- receive, from a source communication device and at a compliance device different from the source communication device and a destination communication device, a message addressed to the destination communication device and having an untracked attachment;
  
  analyze, at the compliance device, content of the untracked attachment to determine a risk level associated with the content of the untracked attachment;
  
  define, based on the untracked attachment and at the compliance device, a tracked attachment including a tracking portion in response to the risk level satisfying a criterion;
  
  send, from the compliance device, a message having the tracked attachment to the destination communication device;
  
  receive, from the destination communication device and at the compliance device, a confirmation in response to the tracked attachment being opened at the destination communication device, the confirmation being defined by the tracking portion of the tracked attachment;
  
  determine, in response to the confirmation and at the compliance device, that the tracked attachment is an outdated version of the tracked attachment; and
  
  send, from the compliance device, an updated version of the tracked attachment to the destination communication device such that the outdated version of the tracked attachment is replaced by the updated version of the tracked attachment at the destination communication device.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The non-transitory processor-readable medium of claim 11, wherein the code to cause the processor to define the tracked attachment includes code to cause the processor to define the tracked attachment such that the tracked attachment sends periodic requests for updates from the destination communication device to the compliance device.
  - 13. The non-transitory processor-readable medium of claim 11, wherein the message having the untracked attachment is a first instance of a message to be posted on a social network website, the message having the tracked attachment is a second instance of the message to be posted on the social network website.
  - 14. The non-transitory processor-readable medium of claim 11, wherein the risk level is a composite risk level generated at least in part based on two different risk analysis methods.
  - 15. The non-transitory processor-readable medium of claim 11, wherein the untracked attachment is unlocked, the code to cause the processor to define the tracked attachment includes code to cause the processor to define the tracked attachment to be locked such that the destination communication device is able to open the tracked attachment but unable to modify the tracked attachment.
  - 16. The non-transitory processor-readable medium of claim 11, wherein the message having the untracked attachment is a first instance of an electronic mail (email) message, the message having the tracked attachment is a second instance of the email message.
  - 17. The non-transitory processor-readable medium of claim 11, wherein the code to cause the processor to define the tracked attachment includes code to cause the processor to define the tracked attachment to include an expiration associated with a specific number of times such that the tracked attachment is automatically removed from the destination communication device after the tracked attachment is accessed the specific number of times at the destination communication device.
  - 18. The non-transitory processor-readable medium of claim 11, wherein the code to cause the processor to analyze includes code to cause the processor to analyze the content of the untracked attachment for at least one of high risk words, medium risk words, high risk phrases, or medium risk phrases.
  - 19. The non-transitory processor-readable medium of claim 11, wherein the code to cause the processor to define the tracked attachment includes code to cause the processor to include at least one of a cookie or a JavaScript portion in the tracking portion.

20. A non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to:
- receive, from a source communication device, a message addressed to a destination communication device and having an unlocked attachment;
  
  analyze content of the unlocked attachment to determine a risk level associated with the content of the unlocked attachment, the risk level being a composite risk level generated based at least in part on two different risk analysis methods;
  
  define, based on the unlocked attachment and in response to the risk level satisfying a criterion, a locked attachment by modifying a file extension type of the unlocked attachment, combining a cookie with the unlocked attachment, or modifying a header portion of the message having the unlocked attachment, content of the locked attachment corresponding to the content of the unlocked attachment; and
  
  send a message having the locked attachment to the destination communication device such that the destination communication device is able to open the locked attachment but unable to modify the locked attachment.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The non-transitory processor-readable medium of claim 20, wherein the code to cause the processor to analyze includes code to cause the processor to analyze the content of the unlocked attachment for at least one of high risk words, medium risk words, high risk phrases, or medium risk phrases.
  - 22. The non-transitory processor-readable medium of claim 20, wherein the code to cause the processor to analyze includes code to cause the processor to analyze the content of the unlocked attachment based on a standard associated with a specific industry.
  - 23. The non-transitory processor-readable medium of claim 20, wherein the code to cause the processor to define includes code to cause the processor to define the locked attachment to include an expiration associated with a specific number of times such that the locked attachment is automatically removed from the destination communication device after the locked attachment is accessed the specific number of times at the destination communication device.
  - 24. The non-transitory processor-readable medium of claim 20, wherein the destination communication device is a mobile communication device, the code to cause the processor to send includes code to cause the processor to send the message having the locked attachment to the mobile communication device such that the mobile communication device can display the locked attachment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Social SafeGuard, Inc.
Original Assignee
OpenQ, Inc.
Inventors
Freire, Otavio R., Zuffoletti, James P., Jimenez, Ruben, Prentis, Matthew A., Carr, Brian C.
Primary Examiner(s)
ZHANG, SHIRLEY X

Application Number

US13/606,623
Publication Number

US 20130339457A1
Time in Patent Office

907 Days
Field of Search

709/206, 705/901, 705/904
US Class Current

709/206
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06N 20/00   Machine learning

G06Q 10/0635   Risk analysis of enterprise...

G06Q 20/1235   with control of digital rig...

G06Q 20/384   using social networks

G06Q 50/01   Social networking

H04L 2209/60   Digital content management,...

H04L 51/42   Mailbox-related aspects, e....

H04L 51/52   for supporting social netwo...

Methods and apparatus for analyzing social media for enterprise compliance issues

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatus for analyzing social media for enterprise compliance issues

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links