LAWRENCE, Kan. – April 20, 2023 – Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has received a patent on its technology for machine-learning-driven authentication control of IT resources. U.S. Patent 11632374, issued on April 18, describes new techniques that will be implemented in Cobalt Iron Compass®, an enterprise SaaS backup platform. This patented technology is unique in that it will apply machine learning (ML) techniques to device behaviors and health status. As a result, IT infrastructures and business security controls will become more intelligent over time by learning from past operational outcomes, thereby optimizing security controls of IT resources.
This patent is associated with US Patent 11310237, Cobalt Iron’s technology for ML optimization of authentication control, issued in April 2022. By applying new ML techniques, that patent extended Compass’ already patented ability to optimize user authentication and access to IT resources dynamically based on what’s happening in the environment. This new patent is similar, but it also incorporates machine learning techniques to analyze the behaviors and health status of computing and storage devices.
Authentication controls in use today are static and don’t respond to changing conditions and events. In addition, those authentication controls are not monitored or analyzed to determine whether they are effective or optimized in achieving company security and safety objectives.
Likewise, critical IT resources — such as computing servers and storage devices — typically have the same authentication techniques in place as were used decades ago. This practice is unacceptable in today’s world of relentless cyberattacks.
In order to be more secure, IT resources and infrastructure must be responsive to evolving cyber and health events. User authentication roles and privileges may need to change temporarily under certain conditions, such as to accommodate failing storage devices or hardware devices under cyberattack.
Cobalt Iron’s latest patent covers just those concerns.
The new patent’s novel techniques will use extensive data collection, analytics, and machine learning to adjust user authentication and access to IT resources dynamically based on environmental events and operational outcomes.
Specifically, the techniques disclosed in this patent will:
- Collect training data such as computing and storage device health status, IT operation health status, device event data, users’ permission access patterns, access control duration data, project data, cyberevent information, security event logs, and data protection operational results.
- Analyze training data to determine the effectiveness of authentication controls during previous conditions and events.
- Generate ML rules based on the training data to potentially adjust authentication controls during future conditions and events.
- Monitor the health status of IT resources such as computing and storage devices for various health conditions and events.
- Dynamically adjust user authentication privileges based on generated ML rules.
- Modify durations of user authentication privilege adjustments in response to generated ML rules.
For example, these techniques could automatically and temporarily restrict access to computing or storage devices that show indications of being targets of a ransomware attack.
In another example, a change in the health status of a computing or storage device (e.g., devices going offline or online or having various kinds of health failures) could trigger adjustments in authentication control to those devices.
“Controlling authorization and access to key IT resources such as computing and storage devices is a critical part of securing any enterprise. Authentication controls in practice today are static and unresponsive to changing conditions and events,” said Greg Tevis, vice president of strategy at Cobalt Iron. “This patent discloses techniques that will automatically optimize authentication controls in response to the health status of IT resources. This helps eliminate the pervasive security exposures of stale, obsolete, and unresponsive authorization controls. IT resources and the entire IT infrastructure will become more secure as authentication controls get adjusted automatically as the environment changes. And authentication controls will continually improve over time by learning from the past.”< Back to Blog