LAWRENCE, Kan.--(BUSINESS WIRE)--Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has been granted a patent on its technology for dynamic authorization control based on conditions and events. Issued on May 4, U.S. patent #10999290 describes new capabilities for Cobalt Iron Compass®, an enterprise SaaS backup platform, that enable the use of analytics and machine learning to adjust user authentication and access to IT resources dynamically based on a variety of environmental and operational considerations. The technology meets an unfilled need in the industry for authorization control that responds to cyberthreats or other changes in the IT ecosystem.
Authorization controls are defined as the processes by which individuals or entities are validated to have proper security authentication and permissions to execute some action against some resource, such as accessing an operations center or moving and deleting data. In most environments today, authentication roles and associated permissions often remain in place for long periods of time, sometimes years, without further validation or adjustment. As job responsibilities, projects, applications, architectures, and business needs change, these old roles and permission assignments often expose the enterprise to security risks.
Cobalt Iron’s newly patented techniques reduce security risks by automatically adjusting authorization controls based on conditions, events, project status, etc., thereby eliminating the pervasive security exposures of outdated, obsolete, and unresponsive authorization controls. This eases the minds of security administrators, backup administrators, systems administrators, CIOs, CISOs, and other IT professionals who are responsible for maintaining security, authentication, and access control in their environments.
The techniques disclosed in this patent:
- Monitor for various conditions and events, such as a change in a state of a project, a change in a security alert level, or a change in the location of data or resources.
- Dynamically modify user authorization control, level, or duration based on the condition or event.
- Apply machine learning analytics to determine the condition or event.
- Leverage a cloud security profile to determine any user authorization modifications.
An important element of the patent is that those techniques will improve over time based on machine learning.
“Existing techniques for authorization control of IT resources are typically static and stale, resulting in security exposures in many of today’s enterprise environments. It’s impossible for humans to adequately monitor, analyze, and adjust all of the security authorization controls to IT resources that might be impacted by the innumerable changing conditions and events in an enterprise IT environment,” said Rob Marett, chief technology officer at Cobalt Iron. “This patent covers techniques that automatically recognize changes in the environment and dynamically adjust associated authorization controls accordingly. This patent establishes new standards of automation, discipline, and analytics-based responsiveness of authorization control of IT resources.”
About Cobalt Iron
Cobalt Iron is the global leader in SaaS-based enterprise data protection. The company was founded in 2013 to bring about fundamental changes in the world's approach to data protection. Through analytics and automation, Cobalt Iron enables enterprises to transform and optimize legacy backup solutions into a simple cloud-based architecture. By leveraging the cloud, Cobalt Iron reduces overall capex by more than 50% while eliminating backup failures and inefficiencies. Processing more than 8 million jobs a month for customers in 44 countries, Cobalt Iron delivers modern enterprise data protection for enterprise customers.
Product or service names mentioned herein are the trademarks of their respective owners.
Photo Link: www.wallstcom.com/CobaltIron/CobaltIron-Dynamic_Authorization_Control-Security_Authentication_AccessControl.jpg
Photo Caption: Patented technology that automatically adjusts authorization controls when responding to cyberthreats.