Systems and methods for predicting the impact of security-policy changes on users
First Claim
1. A computer-implemented method for predicting the impact of security-policy changes on users, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- identifying at least one end-user computing system that is potentially to be regulated using a new security policy potentially to be activated by an administrator of the end-user computing system;
predicting, prior to activating the new security policy on the end-user computing system, how activating the new security policy will impact at least one user of the end-user computing system by;
deploying the new security policy to the end-user computing system;
monitoring, over a time period of live user activity on the end-user computing system, at least one behavior of the user on the end-user computing system for evaluation against the new security policy responsive to determining that the new security policy is potentially to be activated;
determining, without notifying the user of the new security policy and without having first activated the new security policy, how activating the new security policy on the end-user computing system would have impacted the behavior by;
detecting, at the end-user computing system, a condition that would have triggered enforcement of the new security policy on the end-user computing system;
determining that the behavior comprised the condition, caused the condition, and/or occurred simultaneously with the condition;
determining, in response to detecting the condition that would have triggered enforcement of the new security policy, that enforcement of the new security policy on the end-user computing system would have impacted the behavior;
notifying, based at least in part on predicting how activating the new security policy will impact the user, the administrator of the end-user computing system with information that indicates how activating the new security policy will impact future user behavior.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for predicting the impact of security-policy changes on users may include (1) identifying at least one end-user computing system that may potentially be regulated using a security policy, (2) predicting, prior to activating the security policy on the end-user computing system, how activating the security policy may impact at least one user of the end-user computing system by monitoring at least one behavior of the user on the end-user computing system and by determining how activating the security policy on the end-user computing system may have impacted the behavior, and (3) notifying, based at least in part on predicting how activating the security policy may impact the user, an administrator of the end-user computing system with information that indicates how activating the security policy may impact future user behavior. Various other methods, systems, and computer-readable media are also disclosed.
-
Citations
17 Claims
-
1. A computer-implemented method for predicting the impact of security-policy changes on users, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
identifying at least one end-user computing system that is potentially to be regulated using a new security policy potentially to be activated by an administrator of the end-user computing system; predicting, prior to activating the new security policy on the end-user computing system, how activating the new security policy will impact at least one user of the end-user computing system by; deploying the new security policy to the end-user computing system; monitoring, over a time period of live user activity on the end-user computing system, at least one behavior of the user on the end-user computing system for evaluation against the new security policy responsive to determining that the new security policy is potentially to be activated; determining, without notifying the user of the new security policy and without having first activated the new security policy, how activating the new security policy on the end-user computing system would have impacted the behavior by; detecting, at the end-user computing system, a condition that would have triggered enforcement of the new security policy on the end-user computing system; determining that the behavior comprised the condition, caused the condition, and/or occurred simultaneously with the condition; determining, in response to detecting the condition that would have triggered enforcement of the new security policy, that enforcement of the new security policy on the end-user computing system would have impacted the behavior; notifying, based at least in part on predicting how activating the new security policy will impact the user, the administrator of the end-user computing system with information that indicates how activating the new security policy will impact future user behavior. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for predicting the impact of security-policy changes on users, the system comprising:
-
an identifying module, stored in memory as software, that identifies at least one end-user computing system that is potentially to be regulated using a new security policy potentially to be activated by an administrator of the end-user computing system; a predicting module, stored in memory as software, that predicts, prior to activating the new security policy on the end-user computing system, how activating the new security policy will impact at least one user of the end-user computing system by; deploying the new security policy to the end-user computing system; monitoring, over a time period of live user activity on the end-user computing system, at least one behavior of the user on the end-user computing system for evaluation against the new security policy responsive to determining that the new security policy is potentially to be activated; determining, without notifying the user of the new security policy and without having first activated the new security policy, how activating the new security policy on the end-user computing system would have impacted the behavior by; detecting, at the end-user computing system, a condition that would have triggered enforcement of the new security policy on the end-user computing system; determining that the behavior comprised the condition, caused the condition, and/or occurred simultaneously with the condition; determining, in response to detecting the condition that would have triggered enforcement of the new security policy, that enforcement of the new security policy on the end-user computing system would have impacted the behavior; a notifying module, stored in memory as software, that notifies, based at least in part on predicting how activating the new security policy will impact the user, the administrator of the end-user computing system with information that indicates how activating the new security policy will impact future user behavior; at least one hardware processor configured to execute the identifying module, the predicting module, and the notifying module. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
identify at least one end-user computing system that is potentially to be regulated using a new security policy potentially to be activated by an administrator of the end-user computing system; predict, prior to activating the new security policy on the end-user computing system, how activating the new security policy will impact at least one user of the end-user computing system by; deploying the new security policy to the end-user computing system; monitoring, over a time period of live user activity on the end-user computing system, at least one behavior of the user on the end-user computing system for evaluation against the new security policy responsive to determining that the new security policy is potentially to be activated; determining, without notifying the user of the new security policy and without having first activated the new security policy, how activating the new security policy on the end-user computing system would have impacted the behavior by; detecting, at the end-user computing system, a condition that would have triggered enforcement of the new security policy on the end-user computing system; determining that the behavior comprised the condition, caused the condition, and/or occurred simultaneously with the condition; determining, in response to detecting the condition that would have triggered enforcement of the new security policy, that enforcement of the new security policy on the end-user computing system would have impacted the behavior; notify, based at least in part on predicting how activating the new security policy will impact the user, the administrator of the end-user computing system with information that indicates how activating the new security policy will impact future user behavior. - View Dependent Claims (14, 15, 16, 17)
-
Specification