1. Technical Field
Embodiments of the present application generally relate to data loss prevention systems and, more particularly, to a method and apparatus for automatically administrating access rights for confidential information.
2. Description of the Related Art
Members of an organization (e.g., a small or large corporation, a government entity and/or the like) create and use confidential information (e.g., proprietary data, intellectual property, medical records, financial statements, customer information and/or the like). For example, an employee of an investment company views personal bank statements of various people in order to complete necessary business-related tasks. As another example, patients entrust a doctor with records of their medical histories. It is essential that this doctor protect this confidential information from unauthorized disclosure by employing a data loss prevention system.
Conventional data loss prevention systems use various authentication techniques to verify users that request access on internal and remote computerized devices. If a user is using an internal computerized device, it would be very simple for an administrator to verify the user and provision access rights for certain confidential information. Often, the administrator and the user are located in the same building and can perform the authentication in person. For example, the administrator can hand deliver a username and password of which the user can use to open documents containing the confidential information.
Authenticating users on the remote computerized devices, on the other hand, is difficult and overwhelmingly time consuming for the administrators. Transmitting documents to the remote computerized devices exposes the confidential information to undesired disclosure. In order to reduce security risks and prevent data loss, the administrators exercise great care when provisioning accounts for users on remote computerized devices and creating access rights associated with viewing the documents. For example, the administrator may secure the document with a password-protection feature. Before an authorized user can open the document, the administrator must personally email or communicate the password.
Therefore, there is a need in the art for a method and apparatus for automatically administrating access rights for confidential information that is both convenient for the users and administrators and at the same time ensuring high level of security.