System and method for securing personal data elements
First Claim
1. A computer-implemented method of securing data elements, the method comprising:
by a computing device;
obtaining a connection profile, the connection profile including at least one rule related to at least one personally identifiable information (PII) data element;
associating the connection profile with a network connection;
receiving a data unit transmitted over the network connection from an external system, the data unit including at least a portion of the PII data element;
based on the rule, performing at least one of:
blocking transmission of the data unit, modifying the data unit, forwarding at least a portion of the data unit to a selected destination, storing the data unit, storing metadata related to the data unit, and reporting an event related to the data unit;
storing metadata related to a transaction, from a protected system to the external system, of at least a portion of a PII data element included in the protected system; and
presenting to a user a flow of PII between the protected system and the external system;
presenting to a user PII obtained by the external system;
receiving from a user indication of restricted PII;
preventing the restricted PII from being transferred to the external system;
storing metadata related to a transaction, from the external system to a second external system, of at least a portion of the PII data element; and
presenting to a user a flow of PII data across a plurality of external systems.
Abstract
A system and method may obtain a connection profile, the connection profile including at least one rule related to at least one PII data element; associate the connection profile with a network connection; receive a data unit transmitted over the network connection, the data unit including at least a portion of the PII data element; and, based on the rule, perform at least one of: blocking transmission of the data unit, modifying the data unit, forwarding at least a portion of the data unit to a selected destination, storing the data unit, storing metadata related to the data unit, and reporting an event related to the data unit. A system and method may associate the connection profile with a set of connections. A system and method may automatically modify a set of connection profiles based on an event.
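As an added illustration (not code from the patent or its assignee), the sketch below shows one way a connection profile could be associated with a network connection and applied to a data unit, covering the block, modify and report actions plus metadata storage. The names `Rule`, `ConnectionProfile` and `process`, the regular expressions, and the addresses are assumptions constructed for this example.

```python
import re
from dataclasses import dataclass, field

@dataclass
class Rule:
    element: str   # name of the PII data element the rule covers
    pattern: str   # regex that recognises the element in a data unit
    action: str    # "block", "modify" or "report"

@dataclass
class ConnectionProfile:
    name: str
    rules: list
    events: list = field(default_factory=list)  # stored metadata only, never the PII value

# Constructed sample profile; patterns are simplified for illustration.
PROFILE = ConnectionProfile("crm-vendor", [
    Rule("ssn", r"\b\d{3}-\d{2}-\d{4}\b", "block"),
    Rule("email", r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b", "modify"),
    Rule("phone", r"\b\d{3}-\d{3}-\d{4}\b", "report"),
])

# Profile association: (source, destination, port) -> profile. Addresses are constructed.
CONNECTIONS = {("10.0.0.5", "203.0.113.10", 443): PROFILE}

def process(conn, payload):
    """Apply the connection's profile to one data unit.

    Returns the payload to forward (possibly modified), or None if blocked.
    """
    profile = CONNECTIONS.get(conn)
    if profile is None:
        return payload  # no profile associated with this connection
    hits = [(r, len(re.findall(r.pattern, payload))) for r in profile.rules]
    hits = [(r, n) for r, n in hits if n]
    for r, n in hits:
        # Record which element was seen and what was done, not the value itself.
        profile.events.append(
            {"conn": conn, "element": r.element, "action": r.action, "count": n})
    if any(r.action == "block" for r, _ in hits):
        return None  # a block rule wins over every other action
    for r, _ in hits:
        if r.action == "modify":
            payload = re.sub(r.pattern, f"[{r.element} redacted]", payload)
    return payload
```

The `events` list is the raw material for a per-connection view of which PII elements crossed to which external system.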
20 Claims
1. A computer-implemented method of securing data elements, the method comprising:
by a computing device;
obtaining a connection profile, the connection profile including at least one rule related to at least one personally identifiable information (PII) data element;
associating the connection profile with a network connection;
receiving a data unit transmitted over the network connection from an external system, the data unit including at least a portion of the PII data element;
based on the rule, performing at least one of:
blocking transmission of the data unit, modifying the data unit, forwarding at least a portion of the data unit to a selected destination, storing the data unit, storing metadata related to the data unit, and reporting an event related to the data unit;
storing metadata related to a transaction, from a protected system to the external system, of at least a portion of a PII data element included in the protected system; and
presenting to a user a flow of PII between the protected system and the external system;
presenting to a user PII obtained by the external system;
receiving from a user indication of restricted PII;
preventing the restricted PII from being transferred to the external system;
storing metadata related to a transaction, from the external system to a second external system, of at least a portion of the PII data element; and
presenting to a user a flow of PII data across a plurality of external systems.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A system comprising:
a computing device with;
a memory; and
a controller configured to;
obtain a connection profile, the connection profile including at least one rule related to at least one personally identifiable information (PII) data element;
associate the connection profile with a network connection;
receive a data unit transmitted over the network connection from an external system, the data unit including at least a portion of the PII data element; and
based on the rule, perform at least one of:
blocking transmission of the data unit, modifying the data unit, forwarding at least a portion of the data unit to a selected destination, storing the data unit, storing metadata related to the data unit, and reporting an event related to the data unit;
store metadata related to a transaction, from a protected system to the external system, of at least a portion of a PII data element included in the protected system;
present to a user a flow of PII between the protected system and the external system;
present to a user PII obtained by the external system;
receive from a user indication of restricted PII;
prevent the restricted PII from being transferred to the external system;
store metadata related to a transaction, from the external system to a second external system, of at least a portion of the PII data element; and
present to a user a flow of PII data across a plurality of external systems.
View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
Specification