Cloud data loss prevention system
First Claim
1. A system for providing data loss prevention services to an enterprise operating an enterprise data network, the enterprise data network being in communication with a cloud service provider to store cloud content belonging to the enterprise and to access the stored cloud content on the cloud service provider, the system comprising:
a connector client installed on the premises of the enterprise data network and a cloud based computing system configured outside of the enterprise data network;
the connector client being in communication with the cloud service provider and the cloud based computing system, the connector client being configured to receive, from within the enterprise data network, an access credential of the enterprise for the cloud service provider, the connector client being configured to obtain an access token from the cloud service provider using the access credential of the enterprise, the connector client being configured to provide the access token for the cloud service provider to the cloud based computing system, and the connector client being configured to receive an alert or a report from the cloud based computing system; and
the cloud based computing system including at least one hardware processor and being in communication with the connector client and the cloud service provider, the cloud based computing system being configured to receive the access token from the connector client and to distribute the access token to the one or more processors, the cloud based computing system being configured to use the access token to access the cloud service provider on behalf of the enterprise, the cloud based computing system being configured to use the access token to access cloud content at the cloud service provider belonging to the enterprise and to perform multi-thread scanning of the cloud content for compliance with a security policy of the enterprise, the cloud based computing system being configured to identify a non-compliance cloud content in response to detecting certain cloud content stored on the cloud service provider as being in violation of the security policy, the cloud based computing system being configured to generate the alert or the report in response to the detecting and to provide the alert or the report to the connector client, and the cloud based computing system being further configured to initiate a remediation measure in response to detecting certain cloud content as being in violation of the security policy, the remediation measure comprising one or more of deleting the non-compliance cloud content and quarantining the non-compliance cloud content.
Abstract
A cloud based data loss prevention (DLP) system (“cloud DLP system”) implements offline scanning of content stored in a cloud-based service belonging to an enterprise in accordance with the enterprise's policy and control. The cloud DLP system provides alerts or remediation in response to detection of non-compliant cloud content. In some embodiments, the cloud DLP system is provided with the access credential of the enterprise to access the cloud-based service. In other embodiments, the enterprise's login credential remains within the enterprise data network and an on-premises client obtains an access token for the cloud DLP system.
16 Claims
1. (Independent claim 1 is reproduced above under First Claim; dependent claims 2, 3, 4, 5, 6, 7 and 8 depend from it and are not reproduced here.)
9. A method for providing data loss prevention services to an enterprise operating an enterprise data network, the enterprise data network being in communication with a cloud service provider to store cloud content belonging to the enterprise and to access the stored cloud content on the cloud service provider, the method comprising:
receiving, from within the enterprise data network and at a connector client installed on the premises of the enterprise data network, an access credential of the enterprise for the cloud service provider;
obtaining, at the connector client installed on the premises of the enterprise data network, an access token from the cloud service provider using the access credential of the enterprise;
providing, from the connector client, the access token to a cloud based computing system configured outside of the enterprise data network, the cloud based computing system comprising one or more processors;
receiving, at the cloud based computing system, the access token from the connector client, the access token being used to access the cloud service provider on behalf of the enterprise;
distributing the access token to the one or more processors;
accessing, at the cloud based computing system and using the access token, the cloud content at the cloud service provider belonging to the enterprise;
performing multi-thread scanning, at the cloud based computing system, of the cloud content for compliance with a security policy of the enterprise;
identifying, at the cloud based computing system, a non-compliance cloud content in response to detecting certain cloud content stored on the cloud service provider as being in violation of the security policy;
generating, at the cloud based computing system, an alert or a report in response to the detecting;
providing, from the cloud based computing system, the alert or the report to the connector client; and
initiating, at the cloud based computing system, a remediation measure in response to detecting certain cloud content as being in violation of the security policy, wherein initiating the remediation measure comprises deleting the non-compliance cloud content or quarantining the non-compliance cloud content.
(Dependent claims 10, 11, 12, 13, 14, 15 and 16 depend from claim 9 and are not reproduced here.)
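The second embodiment of the abstract and the method of claim 9 split the work across a trust boundary: the on-premises connector is the only party that ever holds the enterprise credential, it exchanges that credential for an access token, and only the token crosses to the off-premises scanner, which fans the scan out over worker threads, reports back to the connector and quarantines violating content. The Python simulation below is an added example, not code from the patent or its assignee; the FakeCloudProvider, Connector and CloudDlpScanner classes, the regex policy, the sample documents and the read/quarantine token scopes are all assumptions made for this illustration. It goes one step beyond the claim text in making the token scoped and short-lived, so a token leaked from the scanner cannot delete content and stops working on its own.

```python
import re
import secrets
import time
from concurrent.futures import ThreadPoolExecutor
from dataclasses import dataclass, field

# Constructed sample tenant content for the example (not real data).
SAMPLE_CONTENT = {
    "hr/payroll.csv": "name,ssn\nAda,123-45-6789\n",
    "eng/readme.md": "Build with make; nothing sensitive here.",
    "sales/cards.txt": "visa 4111 1111 1111 1111 exp 12/29",
}

# Assumed enterprise security policy: one pattern per protected data class.
POLICY = {
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "pan": re.compile(r"\b(?:\d[ -]?){13,16}\b"),
}


class FakeCloudProvider:
    """Stand-in for the cloud service provider: token issuance, storage, quarantine."""

    def __init__(self, content, username, password):
        self._content = dict(content)
        self._creds = (username, password)
        self._tokens = {}        # token -> (scopes, expiry)
        self.quarantined = {}    # path -> body moved out of the live store

    def issue_token(self, username, password, scopes, ttl_s):
        # The only place the enterprise credential is ever checked.
        if (username, password) != self._creds:
            raise PermissionError("bad credential")
        tok = secrets.token_urlsafe(32)
        self._tokens[tok] = (frozenset(scopes), time.monotonic() + ttl_s)
        return tok

    def _authorize(self, tok, scope):
        scopes, expiry = self._tokens.get(tok, (frozenset(), 0.0))
        if time.monotonic() > expiry or scope not in scopes:
            raise PermissionError(f"token expired or lacks scope {scope!r}")

    def list_items(self, tok):
        self._authorize(tok, "read")
        return sorted(self._content)

    def read_item(self, tok, path):
        self._authorize(tok, "read")
        return self._content[path]

    def quarantine(self, tok, path):
        self._authorize(tok, "quarantine")
        self.quarantined[path] = self._content.pop(path)


class Connector:
    """On-premises connector client: keeps the credential, exports only a token."""

    def __init__(self, provider, username, password):
        self._provider, self._username, self._password = provider, username, password
        self.alerts = []   # alerts and reports pushed back by the cloud DLP system

    def token_for_scanner(self):
        # Least privilege: read plus quarantine, no delete scope, short lifetime.
        return self._provider.issue_token(
            self._username, self._password, scopes={"read", "quarantine"}, ttl_s=300)

    def receive_alert(self, alert):
        self.alerts.append(alert)


@dataclass
class ScanResult:
    path: str
    violations: list = field(default_factory=list)


class CloudDlpScanner:
    """Off-premises cloud DLP system: holds the token, never the credential."""

    def __init__(self, provider, connector, policy, workers=4):
        self._provider, self._connector, self._policy = provider, connector, policy
        self._workers = workers

    def _scan_one(self, tok, path):
        body = self._provider.read_item(tok, path)
        return ScanResult(path, [name for name, rx in self._policy.items() if rx.search(body)])

    def run(self):
        tok = self._connector.token_for_scanner()
        paths = self._provider.list_items(tok)
        # Multi-thread scanning: the same token is distributed to every worker thread.
        with ThreadPoolExecutor(max_workers=self._workers) as pool:
            results = list(pool.map(lambda p: self._scan_one(tok, p), paths))
        # Remediate after the scan pass so workers never race a quarantine move.
        for r in results:
            if r.violations:
                self._connector.receive_alert(
                    {"path": r.path, "violations": r.violations, "action": "quarantine"})
                self._provider.quarantine(tok, r.path)
        return results


def demo():
    """Run one scan cycle; returns (flagged paths, quarantined paths, alert count)."""
    provider = FakeCloudProvider(SAMPLE_CONTENT, "svc-dlp@example.test", "correct horse")
    connector = Connector(provider, "svc-dlp@example.test", "correct horse")
    results = CloudDlpScanner(provider, connector, POLICY).run()
    flagged = sorted(r.path for r in results if r.violations)
    return flagged, sorted(provider.quarantined), len(connector.alerts)


if __name__ == "__main__":
    print(demo())
```

Running it prints the flagged paths, the quarantined paths and the number of alerts delivered to the connector. The property worth checking in a real deployment is who holds what: a compromise of the scanner yields a time-limited token with two scopes rather than the enterprise credential, and the connector is the only component whose compromise exposes the credential itself.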