Limiting exposure to compliance and risk in a cloud environment
Abstract
Minimizing data security risks may be provided. A number and type of confidential data in a computing environment may be determined to generate a metric for the type of confidential data in the computing environment. The metric of the type of confidential data may be compared to a predetermined metric for the type. Responsive to determining the metric for the type of confidential data exceeding a predetermined metric for the type, an action may be performed to prevent more entries of the type of confidential data in the computing environment.
12 Claims
1. A non-transitory computer readable storage medium storing a program of instructions executable by a machine to perform a method of minimizing data security risks, the method comprising:
- determining a number and type of confidential data stored in a computing environment to generate a metric for the type of confidential data in the computing environment, the type of confidential data determined from a plurality of types comprising at least social security number (SSN), patient data, personal information, and credit card number;
- comparing the metric of the type of confidential data to a predetermined metric for the type; and
- responsive to determining the metric for the type of confidential data exceeding a predetermined metric for the type, performing an action to prevent more entries of the type of confidential data to be stored in the computing environment, the metric measured by at least one of a count of the type of confidential data in the computing environment and a volume size taken up by the type of confidential data in the computing environment, the predetermined metric being different for different types of confidential data in the computing environment, the performing an action to prevent more entries of the type of confidential data in the computing environment comprising closing an access port in the computing environment to requests associated with the type of confidential data, and automatically performing removal of data of the type stored in the computing environment to make room for accepting said more entries of the type of confidential data.

Dependent claims: 2, 3, 4, 5.

6. A system for minimizing data security risks, comprising:
- one or more computing units running in a computing environment; and
- a processor coupled to the one or more computing units, the processor operable to determine a number and type of confidential data stored in the computing environment to generate a metric for the type of confidential data in the computing environment, the type of confidential data determined from a plurality of types comprising at least social security number (SSN), patient data, personal information, and credit card number, the processor further operable to compare the metric of the type of confidential data to a predetermined metric for the type, and responsive to determining the metric for the type of confidential data exceeding a predetermined metric for the type, the processor further operable to perform an action to prevent more entries of the type of confidential data to be stored in the computing environment, the metric measured by at least one of a count of the type of confidential data in the computing environment and a volume size taken up by the type of confidential data in the computing environment, the predetermined metric being different for different types of confidential data in the computing environment, the processor performing an action to prevent more entries of the type of confidential data in the computing environment comprising closing an access port in the computing environment to requests associated with the type of confidential data, and automatically performing removal of data of the type stored in the computing environment that is no longer needed by the computing environment to make room for accepting said more entries of the type of confidential data.

Dependent claims: 7, 8, 9, 10, 11, 12.
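
The per-type metric, threshold comparison and enforcement decision recited in claims 1 and 6, sketched as an added example (not code from the patent). The regex and Luhn detectors, the `still_needed` flag, the limit values and all names are assumptions; `block_new_entries` stands in for closing the access port, and only the SSN and credit card types are covered.

```python
import re
from dataclasses import dataclass

# Assumed detectors: the claims name the data types, not how they are recognised.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits):
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def classify(record):
    """Return the set of confidential data types found in one record."""
    types = set()
    if SSN_RE.search(record):
        types.add("ssn")
    if any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD_RE.finditer(record)):
        types.add("credit_card")
    return types

@dataclass
class Limit:          # the "predetermined metric", different per type
    max_count: int    # count of entries of the type
    max_bytes: int    # volume taken up by entries of the type

def evaluate(store, limits):
    """store: list of (text, still_needed). Returns one decision per type."""
    metrics = {t: {"count": 0, "bytes": 0, "stale": []} for t in limits}
    for idx, (text, still_needed) in enumerate(store):
        for t in classify(text).intersection(limits):
            metrics[t]["count"] += 1
            metrics[t]["bytes"] += len(text.encode())
            if not still_needed:
                metrics[t]["stale"].append(idx)
    decisions = {}
    for t, m in metrics.items():
        over = m["count"] > limits[t].max_count or m["bytes"] > limits[t].max_bytes
        decisions[t] = {"count": m["count"], "bytes": m["bytes"],
                        "block_new_entries": over,              # close the port
                        "purge": m["stale"] if over else []}    # make room
    return decisions

# Constructed sample records; card numbers are well-known test values.
STORE = [("name=A ssn=123-45-6789", True), ("name=B ssn=234-56-7890", False),
         ("name=C ssn=345-67-8901", True), ("card=4111 1111 1111 1111", True),
         ("order=1234 5678 9012 3456", True)]
LIMITS = {"ssn": Limit(2, 10_000), "credit_card": Limit(5, 10_000)}
```

With these limits the SSN type exceeds its count threshold, so new SSN entries are blocked and the one record marked as no longer needed is listed for removal, while the credit card type stays open.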