Abstract: The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers. In a first aspect, the invention is directed to file distribution and management across multiple cloud services via a storage manager. The storage manager may aggregate third-party cloud storage provider accounts into a single cloud storage space and load balance files among the third party-accounts as necessary. In one implementation, the storage manager may act as an intermediary, and files may be transferred by the client to the storage manager, which may select and forward the files to a third-party storage provider. File retrieval may be performed similarly, with the client requesting a file from the intermediary storage manager, which may retrieve the file from the corresponding third-party storage provider and forward the file to the client device.

Abstract: The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers. In a first aspect, the invention is directed to file distribution and management across multiple cloud services via a storage manager. The storage manager may aggregate third-party cloud storage provider accounts into a single cloud storage space and load balance files among the third party-accounts as necessary. In one implementation, the storage manager may act as an intermediary, and files may be transferred by the client to the storage manager, which may select and forward the files to a third-party storage provider. File retrieval may be performed similarly, with the client requesting a file from the intermediary storage manager, which may retrieve the file from the corresponding third-party storage provider and forward the file to the client device.

Abstract: The present disclosure describes systems and methods for remote management of appliances. The appliance may be configured to periodically check in a predetermined online location for the presence of a trigger file identifying one or more appliances directed to contact a management server for maintenance. If the file is present at the predetermined location and the file includes the identifier of the appliance, the appliance may initiate a connection to the management server. If the file is not found, then the appliance may reset a call timer and attempt to retrieve the file at a later time. To avoid having to configure addresses on the appliance, link local IPv6 addresses may be configured for use over a virtual private network, allowing administration, regardless of the network configuration or local IP address of the appliance.

Abstract: Methods, devices and computer program products facilitate the storage, access and management of log files that are associated with particular client devices. The log files provide a record of user or client device activities that are periodically sent to a data backup center. A dedicated log file server facilitates the processing and storage of an increasingly large number of log files that are generated by new and existing client devices. A storage server pre-processes the received log files to facilitate the processing and storage of the log files by the log file server. This Abstract is provided for the sole purpose of complying with the Abstract requirement rules. This Abstract is submitted with the explicit understanding that it will not be used to interpret or to limit the scope or the meaning of the claims.

Abstract: The present disclosure describes systems and methods for aggregation and management of cloud storage to leverage processing provided by a cloud provider with aggregation of cloud storage services. Files may be pipelined to the processing provider and then resynchronized to an alternate storage service, with processing or metadata retained. In one implementation, files may be provided for processing, retrieved, and then separately provided for storage. In another implementation, files may be simultaneously provided for processing and storage at different cloud storage providers. After processing, the metadata of the file may be retrieved, and the file deleted from storage of the processing provider. The metadata may be synchronized with the stored file, or may be retained in metadata storage and retrieved by the client device during synchronization or file retrieval operations.

Abstract: The present disclosure describes systems and methods for detection and mitigation of malicious encryption. A security agent on an infected computing device may monitor data writes to disk, memory, or network transmission buffers for strings that may represent encryption keys or moduli. The security agent may apply one or more techniques to decode and parse the string to either identify or extract the keys, or rule out the string as containing an encryption key or modulus. If a key is identified, or its presence cannot be excluded, then the security agent may generate an alert and take mitigation actions.

Abstract: The present disclosure describes systems and methods for remote management of appliances. The appliance may be configured to periodically check in a predetermined online location for the presence of a trigger file identifying one or more appliances directed to contact a management server for maintenance. If the file is present at the predetermined location and the file includes the identifier of the appliance, the appliance may initiate a connection to the management server. If the file is not found, then the appliance may reset a call timer and attempt to retrieve the file at a later time. To avoid having to configure addresses on the appliance, link local IPv6 addresses may be configured for use over a virtual private network, allowing administration, regardless of the network configuration or local IP address of the appliance.

Abstract: Methods, devices and computer program products facilitate the storage, access and management of log files that are associated with particular client devices. The log files provide a record of user or client device activities that are periodically sent to a data backup center. A dedicated log file server facilitates the processing and storage of an increasingly large number of log files that are generated by new and existing client devices. A storage server pre-processes the received log files to facilitate the processing and storage of the log files by the log file server. This Abstract is provided for the sole purpose of complying with the Abstract requirement rules. This Abstract is submitted with the explicit understanding that it will not be used to interpret or to limit the scope or the meaning of the claims.

Abstract: The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers via file fragmenting to provide increased reliability and security. In one implementation, fragments or blocks may be distributed among a plurality of cloud storage providers, such that no provider retains a complete copy of a file. Accordingly, even if an individual service is compromised, a malicious actor cannot access the data. In another implementation, file fragmenting may be performed in a non-standard method such that file headers and metadata are divided across separate fragments, obfuscating the original file metadata.

Abstract: The present disclosure describes systems and methods for detection and mitigation of malicious activity regarding user data by a network backup system. In a first aspect, a backup system receiving and deduplicating backup data from a plurality of computing devices may detect, based on changes in uniqueness or shared rates for files, atypical modifications to common files, and may take steps to mitigate any potential attack by maintaining versions of the common files prior to the modifications or locking backup snapshots. In a second aspect, the backup system may monitor file modification behaviors on a single device, relative to practices of an aggregated plurality of devices. Upon detection of potentially malicious modification activity, a previously backed up or synchronized store of data may be locked and/or duplicated, preventing any of the malicious modifications from being transferred to the backup system.

Abstract: The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers via file fragmenting to provide increased reliability and security. In one implementation, fragments or blocks may be distributed among a plurality of cloud storage providers, such that no provider retains a complete copy of a file. Accordingly, even if an individual service is compromised, a malicious actor cannot access the data. In another implementation, file fragmenting may be performed in a non-standard method such that file headers and metadata are divided across separate fragments, obfuscating the original file metadata.

Abstract: The present disclosure describes systems and methods for detection and mitigation of malicious activity regarding user data by a network backup system. In a first aspect, a backup system receiving and deduplicating backup data from a plurality of computing devices may detect, based on changes in uniqueness or shared rates for files, atypical modifications to common files, and may take steps to mitigate any potential attack by maintaining versions of the common files prior to the modifications or locking backup snapshots. In a second aspect, the backup system may monitor file modification behaviors on a single device, relative to practices of an aggregated plurality of devices. Upon detection of potentially malicious modification activity, a previously backed up or synchronized store of data may be locked and/or duplicated, preventing any of the malicious modifications from being transferred to the backup system.

Abstract: The present disclosure describes systems and methods for detection and mitigation of malicious activity regarding user data by a network backup system. In a first aspect, a backup system receiving and deduplicating backup data from a plurality of computing devices may detect, based on changes in uniqueness or shared rates for files, atypical modifications to common files, and may take steps to mitigate any potential attack by maintaining versions of the common files prior to the modifications or locking backup snapshots. In a second aspect, the backup system may monitor file modification behaviors on a single device, relative to practices of an aggregated plurality of devices. Upon detection of potentially malicious modification activity, a previously backed up or synchronized store of data may be locked and/or duplicated, preventing any of the malicious modifications from being transferred to the backup system.

Abstract: The present disclosure describes systems and methods for automatic synchronization of recently modified data between a plurality of devices. A device may identify newly utilized files stored on the device, and a synchronization engine may synchronize these files to one or more additional devices. The synchronization engine may record a storage location of the files on the first device, and may transmit the files for storage in a hidden directory on the other devices. After modification, a file may be synchronized back to the initial device. The synchronization engine on the initial device may retrieve the storage location of the modified file, and may replace the previous version of the file with the newly received modified file, in the original storage location. The user may view and edit recently utilized files on any device, while maintaining their original storage locations on each device and without having to manually manage files.

Abstract: A token is generated and processed as a substitute for sensitive information, e.g., payment information associated with a customer making a purchase of a product/service from a vendor. The customer's payment information is encrypted and stored in a first memory record of a secure computer system. A token is generated that includes memory-related information identifying the first memory record, and the token is transmitted to the vendor for storage in a customer record. To facilitate payment for the purchase, the vendor transmits the token to another party (e.g., a billing service or payment processor), and the encrypted payment information is read from the first memory record of the secure computer system based on the memory-related information in the token. The encrypted payment information is then decrypted to recover the payment information which is then used to effect payment.

Abstract: A method of managing bandwidth usage among a plurality of client devices is provided. A request is received at a first device from a second device. The request is to transfer a file between the first device and the second device and includes an identifier of the second device. A client group associated with the second device is determined based on the identifier and used to select a bandwidth usage policy. A data transfer rate for transferring the file between the first device and the second device is determined based on the selected bandwidth usage policy and a bandwidth usage at the first device associated with a plurality of devices. A number of bytes to transfer is determined based on the determined data transfer rate and a time period. A response, which includes the determined number of bytes and the time period, is sent to the second device.

Abstract: The present application is directed to systems and methods for transferring data between data backup sites. Backup data for transferring from a source data backup site to a destination data backup site is determined based on a storage parameter, the backup data comprising data associated with a client device. A transfer parameter is received from the destination data backup site, the transfer parameter comprising a storage logical site available for data storage. The determined backup data is matched to the storage logical site based on a parameter selected from a group consisting of the storage parameter, and the transfer parameter. A transfer of the determined backup data to the storage logical site is scheduled based on a parameter selected from a group consisting of the storage parameter, the transfer parameter, and a schedule parameter.

Abstract: The management of backup sets based on user feedback techniques include a method, and a system. In some embodiments of these techniques, the method includes receiving an update to a backup set from a first client device. The method further includes analyzing the update made to the backup set. The method further includes updating a default backup set stored in a storage device based on the update to the backup set. This Abstract is provided for the sole purpose of complying with the Abstract requirement rules. This Abstract is submitted with the explicit understanding that it will not be used to interpret or to limit the scope or the meaning of the claims.

Abstract: The present application is directed to systems and methods for transferring data between data backup sites. A backup data transfer of data associated with a client device is scheduled, and backup data is transferred from a source data backup site to a destination data backup site. A backend process associated with the client device is suspended, and a determination is made as to whether all backup data for the client has transferred from the source backup data site to the destination backup data site. Responsive to the determination, the backend process associated with the client device is resumed.