System and method for enhanced security and management mechanisms for enterprise administrators in a cloud-based environment

US 9,959,420 B2
Filed: 10/02/2013
Issued: 05/01/2018
Est. Priority Date: 10/02/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a file to a location in a content repository of a cloud-based environment, wherein the content repository stores data for multiple users associated with an enterprise account;

permitting a third-party to access an activity log database in real-time to monitor events and permitting the third-party to scan the file as it is being uploaded to the content repository in the cloud-based environment, said each permitting via an application programming interface (API) of the cloud-based environment, wherein the third-party request identifies a security-as-a-service provider external to the content repository;

permitting the security-as-a-service provider access to the file in the content repository for scanning the file via the API, wherein the API provides rules customized by the security-as-a-service provider for identifying files containing sensitive information; and

receiving an indication from the third-party whether the file contains sensitive information.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cloud-based platform (e.g., cloud-based collaboration and/or storage platform/service) is described that provides administrators with better visibility into content and activity across an enterprise account via advanced search tools and activity reports. Administrator tools are also provided that allow for actively managing content and passively monitoring content with real-time alerts sent to the administrator if usage of the cloud-based platform changes within the enterprise account. A reporting API is also supported by the cloud-based platform to permit the platform'"'"'s activity logs to be retrieved by a third-party platform. Additionally, administrators are provided with the option to select two-step login verification of enterprise account users.

631 Citations

28 Claims

1. A method comprising:
- receiving a file to a location in a content repository of a cloud-based environment, wherein the content repository stores data for multiple users associated with an enterprise account;
  
  permitting a third-party to access an activity log database in real-time to monitor events and permitting the third-party to scan the file as it is being uploaded to the content repository in the cloud-based environment, said each permitting via an application programming interface (API) of the cloud-based environment, wherein the third-party request identifies a security-as-a-service provider external to the content repository;
  
  permitting the security-as-a-service provider access to the file in the content repository for scanning the file via the API, wherein the API provides rules customized by the security-as-a-service provider for identifying files containing sensitive information; and
  
  receiving an indication from the third-party whether the file contains sensitive information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - moving the file to a restricted area based at least in part on the indication from the third-party, wherein the file is not accessible for sharing by the multiple users in the restricted area.
  - 3. The method of claim 2, further comprising:
    - inserting a placeholder file at the location in the content repository based at least in part on the indication from the third-party.
  - 4. The method of claim 1, further comprising:
    - permitting an administrator of the enterprise to request information on activities occurring in the content repository.
  - 5. The method of claim 1, wherein users not associated with the enterprise store or modify data stored in the content repository in collaboration with the multiple users associated with the enterprise.
  - 6. The method of claim 1, further comprising:
    - analyzing the requested information for unusual changes in usage of the content repository or abnormal behavior occurring within the content repository.
  - 7. The method of claim 1, further comprising:
    - sending an alert to the administrator in real-time upon determining an unusual change in usage of the content repository or abnormal behavior occurring within the content repository.
  - 8. The method of claim 1, further comprising:
    - permitting the third-party to request custom information on activities occurring in the content repository via an application programming interface (API).
  - 9. The method of claim 1, wherein activities in the activity log database include group and user events.
  - 10. The method of claim 1, wherein activities in the activity log database include access management activity or content related events.

11. A non-transitory machine-readable storage medium having stored thereon instructions which, when executed by a processor, causes the processor to:
- receive a file to a location in a content repository of a cloud-based environment, wherein the content repository stores data for multiple users associated with an enterprise account;
  
  permit a third-party to access an activity log database in real-time to monitor events and permit the third-party to scan the file as it is being uploaded to the content repository in the cloud-based environment, said each permitting via an application programming interface (API) of the cloud-based environment, wherein the third-party request identifies a security-as-a-service provider external to the content repository;
  
  permit the security-as-a-service provider access to the file in the content repository for scanning the file via the API, wherein the API provides rules customized by the security-as-a-service provider for identifying files containing sensitive information; and
  
  receive an indication from the third-party whether the file contains sensitive information.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The non-transitory machine-readable storage medium of claim 11 which, when executed by a processor, further causes the processor to move the file to a restricted area based at least in part on the indication from the third-party, wherein the file is not accessible for sharing by the multiple users in the restricted area.
  - 13. The non-transitory machine-readable storage medium of claim 11 which, when executed by a processor, further causes the processor to insert a placeholder file at the location in the content repository based at least in part on the indication from the third-party.
  - 14. The non-transitory machine-readable storage medium of claim 11 which, when executed by a processor, further causes the processor to permit an administrator of the enterprise to request information on activities occurring in the content repository.
  - 15. The non-transitory machine-readable storage medium of claim 11 which, when executed by a processor, further causes the processor to allow users not associated with the enterprise to store or modify data stored in the content repository in collaboration with the multiple users associated with the enterprise.
  - 16. The non-transitory machine-readable storage medium of claim 11 which, when executed by a processor, further causes the processor to analyze the requested information for unusual changes in usage of the content repository or abnormal behavior occurring within the content repository.
  - 17. The non-transitory machine-readable storage medium of claim 11 which, when executed by a processor, further causes the processor to send an alert to the administrator in real-time upon determining an unusual change in usage of the content repository or abnormal behavior occurring within the content repository.
  - 18. The non-transitory machine-readable storage medium of claim 11 which, when executed by a processor, further causes the processor to permit the third-party to request custom information on activities occurring in the content repository via an application programming interface (API).
  - 19. The non-transitory machine-readable storage medium of claim 11, wherein activities in the activity log database include group and user events.
  - 20. The non-transitory machine-readable storage medium of claim 11, wherein activities in the activity log database include access management activity or content related events.

21. A system comprising:
- a processor;
  
  a memory having stored thereon instructions which, when executed by the processor, cause the system to;
  
  receive a file to a location in a content repository of a cloud-based environment, wherein the content repository stores data for multiple users associated with an enterprise account;
  
  permit a third-party to access an activity log database in real-time to monitor events and permit the third-party to scan the file as it is being uploaded to the content repository in the cloud-based environment, said each permitting via an application programming interface (API) of the cloud-based environment, wherein the third-party request identifies a security-as-a-service provider external to the content repository;
  
  permit the security-as-a-service provider access to the file in the content repository for scanning the file via the API, wherein the API provides rules customized by the security-as-a-service provider for identifying files containing sensitive information; and
  
  receive an indication from the third-party whether the file contains sensitive information.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The system of claim 21, wherein the stored instructions, when executed by the processor, further cause permitting an administrator of the enterprise to request information on activities occurring in the content repository.
  - 23. The system of claim 21, wherein the stored instructions, when executed by the processor, further cause allowing users not associated with the enterprise to store or modify data stored in the content repository in collaboration with the multiple users associated with the enterprise.
  - 24. The system of claim 21, wherein the stored instructions, when executed by the processor, further cause analyzing the requested information for unusual changes in usage of the content repository or abnormal behavior occurring within the content repository.
  - 25. The system of claim 21, wherein the stored instructions, when executed by the processor, further cause sending an alert to the administrator in real-time upon determining an unusual change in usage of the content repository or abnormal behavior occurring within the content repository.
  - 26. The system of claim 21, wherein the stored instructions, when executed by the processor, further cause permitting the third-party to request custom information on activities occurring in the content repository via an application programming interface (API).
  - 27. The system of claim 21, wherein activities in the activity log database include group and user events.
  - 28. The system of claim 21, wherein activities in the activity log database include access management activity or content related events.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Box Incorporated
Original Assignee
Box Incorporated
Inventors
Kiang, Andy, Lee, David
Primary Examiner(s)
Korsak, Oleg

Application Number

US14/044,261
Publication Number

US 20140259190A1
Time in Patent Office

1,672 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/43   wireless channels

G06F 21/51   at application loading time...

G06F 21/552   involving long-term monitor...

G06F 21/6218   to a system of files or obj...

System and method for enhanced security and management mechanisms for enterprise administrators in a cloud-based environment

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

631 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for enhanced security and management mechanisms for enterprise administrators in a cloud-based environment

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

631 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links