Browse Prior Art Database

Method of Providing Customer Visibility and Control of Sensitive Service Data

IP.com Disclosure Number: IPCOM000248783D
Publication Date: 2017-Jan-10
Document File: 3 page(s) / 34K

Publishing Venue

The IP.com Prior Art Database

Abstract

Described is a method of providing customer visibility and control of sensitive service data,

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 35% of the total text.

1

Method of Providing Customer Visibility and Control of Sensitive Service Data

As the world becomes more and more connected through internet technologies, the issue of data

privacy becomes increasingly important. This is especially true when dealing with applications

that have the capability to electronically transmit service information automatically over the

Internet to parties outside the customer environment (i.e., the product manufacturer or service

provider.) Current call home technologies have multiple issues:

Once the data leaves the customer site, it is out of control of the customer. Customers are 1.

becoming more and more concerned about the type of data which leaves their enterprise since

they have no control over who has visibility to it or to how the data is protected.

Conversely, from a support perspective, there is a certain set of information that is needed to 2.

deliver on contractual obligations (Example: IP addresses may be considered sensitive from

a customer perspective as a security measure but, from a support perspective, may be needed

to construct a network topology map to debug network issues). Lack of complete data can

dramatically degrade the support experience.

The customer set using call home is extremely varied and the degree of "discomfort" they 3.

will put up with to protect their data varies depending on the industry. (Example: Financial

and medical industries generally have a much tougher set of standards to follow regarding

data management than retail or manufacturing industries.)

Governmental rules regarding data handling vary by country, which can present a problem for 4.

multinational countries whose support infrastructure spans those countries.

Customer generally does not have visibility to what data is collected and sent to their service 5.

provider.

Application developers are generally not aware of the sensitivity of the customer's data 6.

(Example: if the application collects a dump of memory to solve an issue, and that dump

happens to contain 128 bytes of customer data that was in transit at the time, that could be an

issue if it is a credit card number that happened to be in that memory slot).

Customer modification of collected data post collection/pre-transmission can often times 7.

break service provider data processing applications.

Background concepts for understanding the proposed solution:

1. Current Service Data types1. Inventory Data

1. Pure:data about the system that contains no identifying information such as IP addresses, host names

2. Sensitive: data about the system that contains data such as IP addresses, host

names

2. Configuration Data:

1. Pure: data about the customer's environment that contains no identifying

information such as contact information or system location information

2. Sensitive: contact and location information

3. Support Data:

1. Pure: Data needed by support that has no potential for customer data (i.e.,

memory buffers, dumps, etc.)

2. Sensitive: Data which may h...