Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

A method and algorithm to calculate rogue cloud application activity and related user risk in an organization.

IP.com Disclosure Number: IPCOM000250410D
Publication Date: 2017-Jul-12
Document File: 2 page(s) / 304K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed are a method and algorithm to calculate rogue cloud application activity and related user risk in an organization. The method extends current definitions of rogue activity to include access to approved applications via unapproved means and provides an algorithm to calculate rogue activity and user risk for both individual users and the organization.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

1

A Method and Algorithm to Calculate Rogue Cloud Application Activity and Related User Risk in an Organization

Organizations consider applications used inside the organization without explicit approval, rogue. Cloud computing enables employees to circumvent the IT department and use a variety of cloud applications without the knowledge or approval of the IT department. In addition, employees may be using personal accounts for cloud applications approved for business use, circumventing the controls put in place by the organization. Uncontrolled cloud application usage can lead to the introduction of malware into the organization as well as leakage of sensitive and private information.

Security administrators need to identify the users contributing to the rogue activity in order to proactively reduce the threat profile for the organization.

Cloud security brokers and data leakage detection systems audit users’ cloud activity to detect high risk and rogue activity. For example, an existing service provides rogue activity statistics where rogue activity is only defined as access to unapproved cloud applications.

The method disclosed extends the definition of rogue activity to include access to approved applications via unapproved means and provides an algorithm to calculate rogue activity and user risk for the individual users and for the organization.

The disclosed method defines a rogue cloud application as a cloud application that is not explicitly approved for organizational use. It defines rogue activity as all access to rogue cloud applications as well as access to approved applications using rogue user accounts. For example, using a personal user account instead of an approved business account to access...