Abstract: Identification of an entity performing a deletion or modification action on locally stored files and notification to mitigate risks to cloud stored files is provided. A local or remote file watcher may monitor locally stored files and detect a deletion or modification action. The file watcher may also identify an entity performing the deletion or modification action. The entity may be an application, a process, a user other than the user that is the owner of the files, or the user himself/herself. The file watcher may further determine one or more alert conditions or rules associated with the affected file(s) and/or the entity, that is under which circumstances an alert is to be issued.

Abstract: Identification of an entity performing a deletion or modification action on locally stored files and notification to mitigate risks to cloud stored files is provided. A local or remote file watcher may monitor locally stored files and detect a deletion or modification action. The file watcher may also identify an entity performing the deletion or modification action. The entity may be an application, a process, a user other than the user that is the owner of the files, or the user himself/herself. The file watcher may further determine one or more alert conditions or rules associated with the affected file(s) and/or the entity, that is under which circumstances an alert is to be issued. The alert notification(s) may be issued to the user, an administrator, a cloud storage service, and/or a data protection service such that protective measures can be taken if necessary.

Abstract: Identification of an entity performing a deletion or modification action on locally stored files and notification to mitigate risks to cloud stored files is provided. A local or remote file watcher may monitor locally stored files and detect a deletion or modification action. The file watcher may also identify an entity performing the deletion or modification action. The entity may be an application, a process, a user other than the user that is the owner of the files, or the user himself/herself. The file watcher may further determine one or more alert conditions or rules associated with the affected file(s) and/or the entity, that is under which circumstances an alert is to be issued.

Abstract: Cloud-based storage services are provided for storing data across multiple devices, where access to the data is subject to a first authentication process. Embodiments are directed to a data protection feature to prevent accidental deletion or modification of the data stored at the cloud via unintended user actions on the clients or actions by nefarious software or hackers. For example, a data protection feature for a portion of data stored at the storage service may be selected, where the feature includes elevation of the first authentication process. An attempted operation performed on the portion of data may be detected. If the attempted operation is deletion or modification of the portion of data, a second authentication process may be prompted to enable the attempted operation to be performed on the portion of data at the storage service. The second authentication process may be elevated compared to the first authentication process.

Abstract: Cloud-based storage services are provided for storing and/or sharing content across multiple devices, where the content is periodically synchronized between the devices and the storage service. Embodiments are directed to detection of bulk operations associated with content stored at a storage service to protect users both proactively and remedially from accidental and/or nefarious content alterations propagating to the storage service and/or other devices. A model may be created based on a usage pattern associated with the content, an attempted operation performed on the content may be detected, and the attempted operation may be compared to the model to determine whether the operation deviates from the usage pattern. If the attempted operation deviates from the usage pattern, a preservation policy for the content at the storage service may be modified and a notification of the attempted operation may be provided to obtain user approval.

Abstract: Cloud-based storage services are provided for storing and/or sharing content across multiple devices, where the content is periodically synchronized between the devices and the storage service. Embodiments are directed to detection of bulk operations associated with content stored at a storage service to protect users both proactively and remedially from accidental and/or nefarious content alterations propagating to the storage service and/or other devices. A model based on a usage pattern monitored and provided by a client device may be received at the client device from the storage service. An attempted operation performed on the content may be detected, and the attempted operation may be compared to the model to determine whether the operation deviates from the usage pattern. If the attempted operation deviates from the usage pattern, execution of the attempted operation and synchronization of the content with the storage service may be prevented until the attempted operation is approved.