A method and algorithm to calculate rogue cloud application activity and related user risk in an organization.
Publication Date: 2017-Jul-12
The IP.com Prior Art Database
Disclosed are a method and algorithm to calculate rogue cloud application activity and related user risk in an organization. The method extends current definitions of rogue activity to include access to approved applications via unapproved means and provides an algorithm to calculate rogue activity and user risk for both individual users and the organization.
A Method and Algorithm to Calculate Rogue Cloud Application Activity and Related User Risk in an Organization
Organizations consider applications used inside the organization without explicit approval, rogue. Cloud computing enables employees to circumvent the IT department and use a variety of cloud applications without the knowledge or approval of the IT department. In addition, employees may be using personal accounts for cloud applications approved for business use, circumventing the controls put in place by the organization. Uncontrolled cloud application usage can lead to the introduction of malware into the organization as well as leakage of sensitive and private information.
Security administrators need to identify the users contributing to the rogue activity in order to proactively reduce the threat profile for the organization.
Cloud security brokers and data leakage detection systems audit users’ cloud activity to detect high risk and rogue activity. For example, an existing service provides rogue activity statistics where rogue activity is only defined as access to unapproved cloud applications.
The method disclosed extends the definition of rogue activity to include access to approved applications via unapproved means and provides an algorithm to calculate rogue activity and user risk for the individual users and for the organization.
The disclosed method defines a rogue cloud application as a cloud application that is not explicitly approved for organizational use. It defines rogue activity as all access to rogue cloud applications as well as access to approved applications using rogue user accounts. For example, using a personal user account instead of an approved business account to access...