Invented by Juan M. Mojica and Andrew Stone

Today, keeping data safe is a bigger challenge than ever. More hackers, more malware, and more ways for information to leak out mean that old ways of protecting data just are not enough. Luckily, there is a new way to keep storage systems smart and secure. This post explains how a new patent application helps storage systems know when something is wrong and stops trouble before it gets worse. We will look at why this is needed, how it builds on past ideas, and what makes this invention special. Let’s dive right in.

Background and Market Context

Big companies, schools, hospitals, and even small businesses now keep all sorts of important data in storage systems. These systems are a mix of computers and hard drives that hold files, pictures, emails, and more. With the rise of cloud storage and networks that connect many places together, there is more data moving around than ever. At the same time, more bad actors are trying to attack these systems—sometimes to steal information, sometimes to lock it up and ask for money (ransomware), or just to cause damage.

Traditional security tools like firewalls and antivirus programs are good, but they are not perfect. They often sit outside the storage system, watching the flow of data coming in and out. But many threats now come from inside, or they sneak in past other defenses. Once inside, they can quickly cause a lot of harm before anyone notices. And because storage systems are now so big and fast, it is hard for people to keep up.

Companies face real problems if their data is stolen or destroyed. Medical records, financial numbers, customer lists, and business secrets are all at risk. When ransomware hits, it can lock up all company files within minutes. The costs can be huge—not just the ransom, but also lost business, broken trust, and legal trouble.

Because of all this, there is a big need for storage systems that can defend themselves. These systems need to notice when something odd is happening inside, not just outside. They have to be smart enough to tell the difference between normal activity and possible attacks. And, most importantly, they must take action quickly—before the damage is done.

The market is searching for solutions that can do this automatically, without needing experts to watch every step. New rules and privacy laws also require companies to keep sensitive data safe and to report any leaks or attacks. An intelligent, self-protecting storage system is now a must-have, not just a nice extra.

Scientific Rationale and Prior Art

For many years, storage systems simply stored data and followed orders. Security was handled by other tools: firewalls blocked bad traffic, antivirus software scanned for known threats, and backup systems made copies of data in case something went wrong. Some systems used encryption or data deduplication to save space, but these features did not really look out for attacks.

Past research and products added some layers of safety. For example, some backup tools could spot big changes in data and warn users. Others watched for spikes in network activity or strange patterns in how files changed. But these methods were often too simple. They could not tell the difference between normal busy days and real attacks, or they needed people to set lots of rules. They also did not always react fast enough.

Some storage systems started to use machine learning to spot patterns, but these systems often only worked on data going in and out of the network, not on what was happening inside the storage itself. Others tried to use snapshots and backups, but these could be deleted or damaged if the attacker had enough access. And most systems did not connect what they saw inside the storage to what was happening on the network.

A few new ideas have tried to add more intelligence inside storage. For example, some systems track how compressible data is (since encrypted or ransomware data is usually hard to compress), or compare the amount of data read and written. Others look for files that suddenly lose their usual patterns, like images that no longer look like images, or sudden changes in file types. Some use honeypots—fake files placed to catch attackers in action.

But even these advanced features often work in isolation. They do not always share their findings with other parts of the system, like network monitors. They might spot something odd but not be able to stop it. And they usually do not label each piece of data with its own sensitivity level, so everything is treated the same.

The patent application described here builds on all these ideas. It brings together smart monitoring of data activity, automatic labeling of sensitive data, and live communication with network monitoring tools. It does not just watch and warn—it takes steps to protect data right away. That is what makes this approach both new and powerful.

Invention Description and Key Innovations

This invention changes how storage systems protect data. It gives them eyes and brains inside, letting them watch for threats, tag sensitive data, and work with network monitors to stop trouble before it starts. Here’s how it works, step by step.

1. Sensitivity Classification Inside the Storage System

When new data is written to storage, the system checks what kind of data it is. Is it a simple log file? Is it a customer’s personal record? Is it financial information? The system uses smart rules (and even machine learning if needed) to look at the content and decide how sensitive it is. For example, if it spots credit card numbers, names, or health details, it can mark the data as “sensitive.” If it is just a routine file, it might be marked as “not sensitive.”

This classification can happen right when the data is written (a “write event”), or later if needed. The result is stored as metadata—extra information about the data. This metadata is like a label saying, “Handle with care!” or “This is OK to send.”

2. Smart Handling of Data Requests

When someone or something asks to send a piece of data from storage to another system (especially outside the safe network), the storage system checks the sensitivity label. It then packs the data and its label together in a network packet. The data goes in the main part (payload), while the label goes in the header (the information part of the packet that tells where it is going and gives extra instructions).

For example, the system might use a special field in the header called DSCP (Differentiated Services Code Point) or another tag that the network monitoring system can easily spot. The storage system may also send a message to the network monitor, telling it exactly where to find the sensitivity label in the packet.

3. Close Teamwork with Network Monitoring Systems

The network monitoring system sits at the edge of the safe network, checking all outgoing traffic. When it sees a packet from storage, it looks at the sensitivity label in the header. If the label says the data is sensitive, the monitor can do several things:

  • It might block the data from leaving the network.
  • It could slow down the transfer (throttling) to buy time for checks.
  • It may send an alert to security staff.
  • Or, if everything checks out, it can allow the data to go through.

This way, the system does not waste time scanning every piece of data. It focuses its attention on what matters most—sensitive data that could cause real harm if leaked.

4. Remedial Actions if a Threat is Detected

If the network monitor or the storage system itself thinks there may be a security problem (for example, if someone tries to send lots of sensitive data out at once, or in a way that looks odd), it can trigger quick actions:

  • Stop the data from being sent.
  • Slow down or “throttle” the flow.
  • Take a snapshot of the data as it is now, so it can be restored if needed.
  • Change data protection settings, like keeping backups longer or making them harder to delete.
  • Send out alerts to the right people.

These steps happen automatically, without waiting for a person to notice. This is key, since attacks often happen in minutes or seconds.
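Steps 1 through 4 can be traced end to end in a short sketch, added here as an illustration and not taken from the patent application. The DSCP value, the 10.0.0.0/8 internal range, the byte budget, the card-number-only classifier and the action names are all assumptions.

```python
import ipaddress, re, struct

# Assumed mapping: 0x2B sits in the local-use DSCP pool (xxxx11) of RFC 2474.
DSCP = {"not_sensitive": 0, "sensitive": 0x2B}
CARD = re.compile(rb"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits: bytes) -> bool:
    """Luhn check over ASCII digits, rightmost digit first."""
    ds = [c - 48 for c in reversed(digits)]
    doubled = [d * 2 - 9 if d > 4 else d * 2 for d in ds[1::2]]
    return (sum(ds[0::2]) + sum(doubled)) % 10 == 0

def classify(data: bytes) -> str:
    """Write-event classifier: 'sensitive' if a Luhn-valid card number appears."""
    for m in CARD.finditer(data):
        if luhn_ok(re.sub(rb"\D", b"", m.group())):
            return "sensitive"
    return "not_sensitive"

def build_packet(label: str, src: str, dst: str, payload: bytes) -> bytes:
    """Minimal IPv4 packet: label in the header's DSCP bits, data in the payload."""
    tos = DSCP[label] << 2  # DSCP is the top 6 bits of the ToS byte
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + len(payload), 0, 0, 64, 6, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    csum = sum(struct.unpack("!10H", hdr))
    csum = (csum & 0xFFFF) + (csum >> 16)
    csum = ~((csum & 0xFFFF) + (csum >> 16)) & 0xFFFF
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + payload

class EdgeMonitor:
    """Reads only the header label; network range and byte budget are assumptions."""
    def __init__(self, internal="10.0.0.0/8", budget=64):
        self.net, self.budget, self.sent = ipaddress.ip_network(internal), budget, {}

    def decide(self, pkt: bytes) -> str:
        dscp, total = pkt[1] >> 2, struct.unpack("!H", pkt[2:4])[0]
        src, dst = ipaddress.IPv4Address(pkt[12:16]), ipaddress.IPv4Address(pkt[16:20])
        if dscp != DSCP["sensitive"] or dst in self.net:
            return "allow"
        self.sent[src] = self.sent.get(src, 0) + total - 20
        # Bulk sensitive egress takes the remedial path: block, snapshot, alert.
        return "block+snapshot+alert" if self.sent[src] > self.budget else "throttle+alert"

def demo():
    """Constructed sample: a card record sent twice off-network, then a log line."""
    rec, log = b"name=Jane Roe card=4111 1111 1111 1111\n", b"INFO nightly backup done\n"
    mon = EdgeMonitor()
    pkts = [build_packet(classify(d), "10.1.2.3", "203.0.113.9", d) for d in (rec, rec, log)]
    return [mon.decide(p) for p in pkts]
```

The monitor never inspects the payload; its decision depends only on the label, the destination and how much labeled data a source has already sent.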

5. Flexible and Robust Design

The invention is designed to work in many kinds of setups. The classifier that checks data sensitivity can be built into the storage system, or it can be a separate service somewhere else. The labeling and checking can happen right when data is written, or at other times. The network monitor can be inside the company’s network or work from the outside. The way data and labels are shared is flexible, using packet headers or separate tables, so it fits with existing tools.

6. Benefits Over Past Approaches

This system is different from older methods because it:

  • Labels each piece of data with its own sensitivity level, not just applying one rule to everything.
  • Shares this label with the network monitor in real time, so sensitive data gets special handling.
  • Automates the whole process, from labeling to action, without needing people to watch every move.
  • Ties together inside-the-storage checks with network-level controls, closing the gap between data and network security.
  • Can trigger quick remedial actions, like blocking or snapshotting, as soon as danger is spotted.

All of this makes it much harder for attackers to steal or destroy important data, and much easier for staff to keep the system safe.

7. Real-World Use Cases

Here are some ways this invention works in practice:

  • A healthcare provider stores patient files. When a file is written, it is marked as “highly sensitive.” If someone tries to send it outside the safe network, the network monitor blocks it and alerts security.
  • A company sees that large batches of invoices are being sent out. The system spots that these are labeled as sensitive, but the sending matches normal business activity, so it allows the transfer after a quick check.
  • An employee’s computer is hacked, and a program tries to send many files marked as “confidential” to an outside address. The system blocks the transfer, takes a snapshot of the current state, and warns IT staff, who can then act fast.

This approach is smart, quick, and keeps sensitive data safe without slowing down normal business.

Conclusion

Data security is a moving target, and threats are always changing. This new invention gives storage systems the tools they need to watch, label, and protect data from the inside out. By classifying data sensitivity, tagging each piece, and working closely with network monitors, it stops dangers before they become disasters. Automated actions mean less work for people and less time for attackers to do harm. For any business or group that values its data, this is a big step forward. With this technology, storage systems are not just boxes that hold files—they are smart guardians that watch over what matters most.

The full application is available at https://ppubs.uspto.gov/pubwebapp/; search for 20250363227.