Systems and methods of securing network-accessible peripheral devices
First Claim
1. A method comprising, by a computer system:
- accessing information related to enterprise usage of a plurality of network-accessible peripheral devices;
identifying, from the information, discrete content-imaging events that occurred on the plurality of network-accessible peripheral devices;
determining particular users associated with the discrete content-imaging events on a per-event basis;
determining information related to particular times when the discrete content-imaging events are deemed to have occurred on a per-event basis;
identifying particular content that was imaged as a result of the discrete content-imaging events on a per-event basis;
accessing stored content-based classifications of the particular content on a per-event basis, wherein the stored content-based classifications comprise topics of the particular content;
correlating the topics of the particular content to a plurality of user contexts on a per-event basis, wherein each user context of the plurality of user contexts is defined by a distinct combination of at least one of the particular users and at least one of the particular times;
associating at least one user pattern with each user context based, at least in part, on the correlating; and
generating for at least one user comparative content-imaging-pattern information for at least two user contexts of the plurality of user contexts;
performing an automated risk evaluation of the comparative content-imaging-pattern information; and
transmitting an alert to a designated user responsive to the comparative content-imaging-pattern information meeting specified criteria.
22 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a method is performed by a computer system. The method includes accessing information related to enterprise usage of a plurality of network-accessible peripheral devices and identifying, from the information, discrete content-imaging events that occurred on the plurality of network-accessible peripheral devices. In addition, the method includes determining particular users associated with the discrete content-imaging events on a per-event basis and determining particular content to which the discrete content-imaging events relate on a per-event basis. Further, the method includes abstracting correlated data related to the discrete content-imaging events into a standardized format, the correlated data comprising data related to the particular users and the particular content, the standardized format enabling expression of the discrete content-imaging events by user and by type of content-imaging activity.
-
Citations
18 Claims
-
1. A method comprising, by a computer system:
-
accessing information related to enterprise usage of a plurality of network-accessible peripheral devices; identifying, from the information, discrete content-imaging events that occurred on the plurality of network-accessible peripheral devices; determining particular users associated with the discrete content-imaging events on a per-event basis; determining information related to particular times when the discrete content-imaging events are deemed to have occurred on a per-event basis; identifying particular content that was imaged as a result of the discrete content-imaging events on a per-event basis; accessing stored content-based classifications of the particular content on a per-event basis, wherein the stored content-based classifications comprise topics of the particular content; correlating the topics of the particular content to a plurality of user contexts on a per-event basis, wherein each user context of the plurality of user contexts is defined by a distinct combination of at least one of the particular users and at least one of the particular times; associating at least one user pattern with each user context based, at least in part, on the correlating; and generating for at least one user comparative content-imaging-pattern information for at least two user contexts of the plurality of user contexts; performing an automated risk evaluation of the comparative content-imaging-pattern information; and transmitting an alert to a designated user responsive to the comparative content-imaging-pattern information meeting specified criteria. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An information handling system comprising at least one processor and memory, wherein the at least one processor and memory in combination are operable to implement a method comprising:
-
accessing information related to enterprise usage of a plurality of network-accessible peripheral devices; identifying, from the information, discrete content-imaging events that occurred on the plurality of network-accessible peripheral devices; determining particular users associated with the discrete content-imaging events on a per-event basis; determining information related to particular times when the discrete content-imaging events are deemed to have occurred on a per-event basis; identifying particular content that was imaged as a result of the discrete content-imaging events on a per-event basis; accessing stored content-based classifications of the particular content on a per-event basis, wherein the stored content-based classifications comprise topics of the particular content; correlating the topics of the particular content to a plurality of user contexts on a per-event basis, wherein each user context of the plurality of user contexts is defined by a distinct combination of at least one of the particular users and at least one of the particular times; associating at least one user pattern with each user context based, at least in part, on the correlating; and generating for at least one user comparative content-imaging-pattern information for at least two user contexts of the plurality of user contexts; performing an automated risk evaluation of the comparative content-imaging-pattern information; and transmitting an alert to a designated user responsive to the comparative content-imaging-pattern information meeting specified criteria. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer-program product comprising a non-transitory computer-usable medium having computer-readable program code embodied therein, the computer-readable program code adapted to be executed to implement a method comprising:
-
accessing information related to enterprise usage of a plurality of network-accessible peripheral devices; identifying, from the information, discrete content-imaging events that occurred on the plurality of network-accessible peripheral devices; determining particular users associated with the discrete content-imaging events on a per-event basis; determining information related to particular times when the discrete content-imaging events are deemed to have occurred on a per-event basis; identifying particular content that was imaged as a result of the discrete content-imaging events on a per-event basis; accessing stored content-based classifications of the particular content on a per-event basis, wherein the stored content-based classifications comprise topics of the particular content; correlating the topics of the particular content to a plurality of user contexts on a per-event basis, wherein each user context of the plurality of user contexts is defined by a distinct combination of at least one of the particular users and at least one of the particular times; associating at least one user pattern with each user context based, at least in part, on the correlating; and generating for at least one user comparative content-imaging-pattern information for at least two user contexts of the plurality of user contexts; performing an automated risk evaluation of the comparative content-imaging-pattern information; and transmitting an alert to a designated user responsive to the comparative content-imaging-pattern information meeting specified criteria.
-
Specification