1. Field of the Invention
This invention relates in general to networked computing systems, and more particularly, to a system for maintaining network security policy compliance.
2. Description of Related Art
The Internet and computer networks allow organizations to store applications and information on central servers, waiting to be called up and manipulated from any location. Networks allow people greater access to files and other confidential information. Global networks, including the Internet, and remote access increase the vulnerability of corporate data, increase the risk of information leaks, unauthorized document access and disclosure of confidential information, fraud, and privacy.
Employees are the greatest threat to an organization""s information security. Employees with access to information resources including email, the Internet, and on-line networks significantly increase the security risks.
Employees are using email for personal purposes creating questions of appropriate use of company resources, workplace productivity and appropriateness of message content. One of the greatest sources of information leaks is employee sent email. With electronic communication and networks, an electronic paper trail is harder to determine, since no record of who accessed, altered, tampered with, reviewed, or copied a file can make it very difficult to determine a document""s authenticity, and provide an audit and paper trail. In addition, there is no automated system to centrally collect, analyze, measure, index, organize, track, determine authorized and unauthorized file access and disclosure, link hard copy information with electronic files including email, and report on how information flows in and out of an organization.
Setting proper use and security policies are a method to create order and set standards for network use. Policies are ineffective unless users understand and comply with the policies. Unfortunately, most organizations do not have tangible proof when, and if, a network-based policy violation has occurred until long after the damage has been done. Due to the technical nature of network policy violations, policy enforcement officers may not have adequate knowledge, skill, and evidence to properly execute a policy violation claim. Cases of selective policy enforcement can occur if policy violations are not consistently reported, filed, investigated, and resolved.
Employees often view e-mail as equivalent to a private conversation. This view often does not reflect the official position of the organization. These communications reflect preliminary thoughts or ideas that have not been reviewed by the organization and typically only reflect the personal opinion of the parties involved. Yet, since employees of the organization create these communications, courts and regulatory agencies have concluded that employee communications can reflect the organization""s view. There is a further need for network communications software programs that offers robust policy compliance assistance, policy effectiveness monitoring and reporting.
There is a need for an automated system to assist policy enforcement officers with proper policy enforcement procedure, and methods to measure policy effectiveness, appropriateness, user system activity and compliance.
To overcome the limitations in the prior art described above, and to overcome other limitations that will become apparent upon reading and understanding the present specification, the present invention discloses a method and apparatus for maintaining policy compliance on a computer network. A system in accordance with the principles of the invention performs the steps of electronically monitoring network user compliance with a network security policy stored in a database, electronically evaluating network security policy compliance based on network user compliance, and electronically undertaking a network policy compliance action in response to network security policy compliance. The network policy compliance actions may include electronically implementing a different network security policy selected from network security policies stored in the database, generating policy effectiveness reports, and providing a retraining module to network users.
One preferred embodiment of the present invention includes notifying a network user and a policy administrator, providing a retraining module to the network user, and restricting the network user""s network access rights in response to monitoring network user compliance.