SYSTEMS AND METHODS FOR CREATING RULES BASED ON SECURITY POLICIES

Abstract

A method for setting rules into a computerized application, the method including collecting interaction events in an organization, identifying, from the interaction events, one or more persons and one or more files and/or records related to the specific process, computing a text relevance score for multiple text elements extracted from the interaction events, said text relevance score indicates a relevance between a specific text element of the multiple text elements and a specific process of the multiple processes, identifying the specific text element as unique to a specific process of the multiple processes according to a difference between the text relevance score computed between the specific text element and the specific process and the text relevance score computed between the specific text element and other processes of the multiple processes, and setting a security rule into the computerized application, said security rule having the specific text element as a trigger.

Description

Claims

1. A method for setting rules into a computerized application, the method comprising: collecting interaction events in an organization;identifying, from the interaction events, one or more persons and one or more files and/or records related to the specific process;computing a text relevance score for multiple text elements extracted from the interaction events, said text relevance score indicates a relevance between a specific text element of the multiple text elements and a specific process of the multiple processes;identifying the specific text element as unique to a specific process of the multiple processes according to a difference between the text relevance score computed between the specific text element and the specific process and the text relevance score computed between the specific text element and other processes of the multiple processes; andsetting a security rule into the computerized application, said security rule having the specific text element as a trigger.

2. The method of claim 1, further comprising updating the security rule once every predefined period of time.

3. The method of claim 1, wherein identifying the specific text element further comprises comparing the text relevance score computed between the specific text element and other processes of the multiple processes to a low threshold and identifying the specific text element only in case all the text relevance scores are lower than the low threshold.

4. The method of claim 1, wherein the computerized application enables users to interact via messages, and wherein the security rule limits transfer of the messages according to the specific string.

5. The method of claim 1, further comprising generating a white list of allowed objects based on a text relevance score of a text element representing the objects in the list of allowed objects.

6. The method of claim 5, wherein the objects in the list of allowed objects include at least one of persons, user names, groups of usernames, files, data record and domains.

7. The method of claim 1, further comprising updating the security rule in response to computing a new text relevance score.

8. The method of claim 1, wherein the text element comprises characters selected from a group consisting letters, numbers, symbols and a combination thereof.

9. The method of claim 1, wherein the rule is applied on a string-based content item selected from file name, file path, file content, a person related to a file, message headers, message subject, message content, a person related to a message or a combination thereof.

10. The method of claim 1, wherein the rule dictates a security action, wherein the security action is selected from blocking access to content, preventing an action from a user, preventing an action on a file, quarantine, notification and revoke access.