Abstract: A risk analysis system of associated with an enterprise system for determining delegation risks associated with assigning candidate individuals to perform various tasks. In some cases, the delegation risk analysis system may generate individual delegation risk scores to each candidate individual to assist in the delegation of tasks throughout an organization. In some examples, the delegation risk analysis system may determine the delegation risk scores based on context risk factors associated with the task and the individual and intrinsic delegation risk factors associated with the enterprise system.

Abstract: In one embodiment, a method is performed by a computer system. The method includes receiving a request from a user to access particular content. The method further includes determining a trust measure of the user, wherein the trust measure is based, at least in part, on an analysis of logged user-initiated communication events of the user on a plurality of communications platforms. In addition, the method includes accessing a self-service access policy applicable to the particular content. Further, the method includes ascertaining, from the self-service access policy, a trust threshold applicable to the particular content. Moreover, the method includes, responsive to a determination that the trust measure fails to satisfy the trust threshold, automatically denying access by the user to the particular content.

Abstract: A context-aware delegation engine can enable an account owner to identify granular criteria (or context) that will be used to determine what content a delegate will have access to. The account owner can therefore leverage a wide range of information to dynamically determine whether a delegate will receive access to particular content. The delegation engine can be configured to provide a delegation policy to be evaluated to determine whether a delegate should receive access to particular content. Such a delegation policy can be generated based on input provided by the delegator thereby providing the delegator with fine-grained control over which content will be accessible to a particular delegate. The delegation policy can be structured in accordance with an authorization protocol schema such as XACML, SAML, OAuth 2.0, OpenID, etc. to allow the evaluation of the delegation policy to be performed by a policy decision point in such authorization architectures.

Abstract: In one embodiment, a method includes receiving a request from a user to access particular content. The method also includes determining at least one topic of the particular content. In addition, the method includes determining one or more need-to-access values for the user in relation to the particular content, wherein the one or more need-to-access values are based, at least on in part, on a comparison of the least one topic to one or more topics associated with logged user-initiated communication events of the user. Further, the method includes accessing a self-service access policy applicable to the particular content. Also, the method includes ascertaining, from the self-service access policy, need-to-access criteria applicable to the particular content. Additionally, the method includes, responsive to a determination that the one or more need-to-access values fail to satisfy the need-to-know criteria, denying access by the user to the particular content.

Abstract: In one embodiment, a method is performed by a computer system. The method includes receiving a request from a user to access particular content. The method further includes determining a trust measure of the user, wherein the trust measure is based, at least in part, on an analysis of logged user-initiated communication events of the user on a plurality of communications platforms. In addition, the method includes accessing a self-service access policy applicable to the particular content. Further, the method includes ascertaining, from the self-service access policy, a trust threshold applicable to the particular content. Moreover, the method includes, responsive to a determination that the trust measure fails to satisfy the trust threshold, automatically denying access by the user to the particular content.

Abstract: A risk analysis system of associated with an enterprise system for determining delegation risks associated with assigning candidate individuals to perform various tasks. In some cases, the delegation risk analysis system may generate individual delegation risk scores to each candidate individual to assist in the delegation of tasks throughout an organization. In some examples, the delegation risk analysis system may determine the delegation risk scores based on context risk factors associated with the task and the individual and intrinsic delegation risk factors associated with the enterprise system.

Abstract: A context-aware delegation engine can enable an account owner to identify granular criteria (or context) that will be used to determine what content a delegate will have access to. The account owner can therefore leverage a wide range of information to dynamically determine whether a delegate will receive access to particular content. The delegation engine can be configured to provide a delegation policy to be evaluated to determine whether a delegate should receive access to particular content. Such a delegation policy can be generated based on input provided by the delegator thereby providing the delegator with fine-grained control over which content will be accessible to a particular delegate. The delegation policy can be structured in accordance with an authorization protocol schema such as XACML, SAML, OAuth 2.0, OpenID, etc. to allow the evaluation of the delegation policy to be performed by a policy decision point in such authorization architectures.

Abstract: A data classification component of an enterprise system that integrates computing resource information and network traffic information in near real time to control the impact of transmitting and classifying unstructured data on an overall enterprise system.

Abstract: In an embodiment, a method includes receiving a request from a controlling user to publish particular content. The method also includes determining at least one topic of the particular content. The method further includes allowing the controlling user to select need-to-know criteria, the need-to-know criteria comprising one or more thresholds relating to a prevalence of the at least one topic in logged conversations of a requesting user. In addition, the method includes allowing a controlling user to select a trust threshold, wherein the trust threshold relates, at least in part, to a quantitative analysis of logged behavior of a requesting user on the communications platform. Further, the method includes generating based, at least in part, on the need-to-know criteria and the trust threshold, a self-service access policy for the particular content. Also, the method includes activating the self-service access policy as to the particular content.