Abstract: A method of controlling file access events in a computerized server, including receiving by a computer acting as a server and connected to a network of computer platforms, information of file access events intercepted by the computer platforms, accessing rules for processing file access events, retrieving auxiliary data disjoint of the event, and processing the event by the server based on the rule and the auxiliary data to determine an action for handling the event for the computer platform.

Abstract: An enterprise level data element review system including a data access event collection subsystem operative to collect data access event notifications relating to ones of a multiplicity of data elements, a data element metadata modification subassembly receiving an output from the data access event collection subsystem and providing a script indicating which data elements have had a metadata modification over a given period of time, and a data element dancer operative to collect at least one of metadata and access permissions for a plurality of data elements which is substantially less than the multiplicity of data elements and is selected on the basis of the script.

Abstract: An access permissions management system including a hierarchical access permissions repository including access permissions relating to data elements arranged in a data element hierarchy, wherein some of the data elements have only access permissions which are inherited from ancestral data elements, some of the multiplicity of data elements are prevented from having inherited access permissions and thus have only unique access permissions which are not inherited and some of the data elements are not prevented from having inherited access permissions and have not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions, and an access permissions redundancy prevention engine operative to ascertain which of the unique access permissions are redundant with inherited access permissions and not to store the unique access permissions which are redundant with inherited access permiss

Abstract: A method for event handling in a multi-platform system, comprising acquiring an event of a file access from the multi-platform system, processing the event taking account of an auxiliary data to decide an action and activating the action, and an apparatus for performing the same.

Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.

Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.

Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.

Abstract: A method for handling data of a computerized system at a remote computer linked to the computerized system, the method comprising subject to applying an at least one rule fetching from the computerized system to the remote computer a stub of an object of the computerized system generated according to the location of the object, actuating the stub, thereby downloading a copy of the object from the computerized system to the remote computer, and consequent to a modification of the copy of the object in the remote computer, updating the object in the computerized system according the modification.

Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.

Abstract: A method for a secure search in a computerized system having a storage, comprising searching for objects in the storage of the computerized system according to search criteria provided by a user wherein the criteria comprise at least one attribute of the objects, identifying objects that meet the criteria and displaying representations respective of identified objects that are accessible to the user, and an apparatus for performing the same.

Abstract: A computerized method for obtaining collaboration with an object of a computerized system, comprising receiving at an owner party that owns the object a request from a requesting party employing a requesting mechanism of the computerized system to collaborate the object with a recipient party, providing by the owner party a decision to the recipient party whether to grant the recipient party to collaborate with the object, and registering, in a data construct of the computerized system, data comprising a status indicative of the decision, thereby providing for the computerized system to determine whether to allow the recipient party to collaborate with the object, wherein the method is performed on an at least one computer of the computerized system configured to perform the method, and an apparatus for performing the same.

Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.

Abstract: An enterprise email governance system including an enterprise-wide email communication item events monitoring subsystem providing at least near real time indications of email communication item events and an enterprise-wide email communication item events storage subsystem receiving inputs from the monitoring subsystem and providing at least near real time user accessibility to the email communication item events.

Abstract: A computerized method for managing collaboration in a computerized system, comprising repeatedly applying any one of rules defined in the computerized system pertaining to objects of the computerized system, wherein the any one of the rules comprises an at least one condition concerning collaborativity of an object to which the any one of the rules pertains and the at least one condition is based on metadata of the object, by evaluating any one of conditions in the any one of the rules, thereby determining collaborativity of any one of the objects to which the any one of the rules pertains, and an apparatus for performing the same.

Abstract: A method for a secure search in a computerized system having a storage, comprising searching for objects in the storage of the computerized system according to search criteria provided by a user wherein the criteria comprise at least one attribute of the objects, identifying objects that meet the criteria and displaying representations respective of identified objects that are accessible to the user, and an apparatus for performing the same.

Abstract: An information technology management system for use in enterprise data management including a metadata supply subsystem which receives metadata from a network, an access permissions management subsystem for managing access permissions to data elements in the network and an access permissions management operation implementation subsystem which automatically governs the operation of the access permissions management subsystem, the access permissions management operation implementation subsystem having at least one of first, second, third and fourth modes of operation.

Abstract: A system for operating an enterprise computer network including multiple network objects, said system comprising monitoring and collection functionality for obtaining continuously updated information regarding at least one of access permissions and actual usage of said network objects, and entitlement review by owner functionality operative to present to at least one owner of at least one network object a visually sensible indication of authorization status including a specific indication of users which were not yet authorized by said at least one owner of said at least one network object.

Abstract: A method for enabling querying independently of a computerized system about objects thereof, comprising providing a computer linked to the computerized system with replications of entries of an index of the computerized system that comprise data derived from contents of the objects, where said entries correspond to a subset of objects that are identified as related objects, thereby enabling the computer, based on the provided replications, to query locally and independently of the computerized system about the related objects according to contents thereof, and an apparatus for performing the same.

Abstract: A method for automatic folder ownership assignment, including ascertaining which first folders, among a first multiplicity of folders, have at least one of modify and write permissions to non-IT administration entities, adding the first folders to a list of candidates for ownership assignment, defining a second multiplicity of folders which is a subset of the first multiplicity of folders and not including the first folders and descendents and ancestors thereof, ascertaining which second folders among the second multiplicity of folders, have permissions to non-IT administration entities, adding the second folders to the candidates, defining a third multiplicity of folders, which is a subset of the second multiplicity of folders and not including the second folders and descendents and ancestors thereof, ascertaining which third folders among the third multiplicity of folders are topmost folders, adding the third folders to the candidates, and recommending possible assignment of ownership of the candidates.

Abstract: An enterprise email governance system including an enterprise-wide email communication item events monitoring subsystem providing at least near real time indications of email communication item events and an enterprise-wide email communication item events storage subsystem receiving inputs from the monitoring subsystem and providing at least near real time user accessibility to the email communication item events.