Abstract: A data source owner in a computing system protects that source via a “virtual” or surrogate entity or “avatar.” The entity is an object whose presence in the system is human-like, and it is given the specific task of protecting the data source for the owner. The avatar is associated with (or defined by) a non-human userid that has the same accesses and privileges of all (or defined) users, user groups and other resources that have access to the data source to be protected. During an initial setup, one or more actions to be performed by the non-human userid upon an occurrence of an actionable event with respect to the data source are specified, and a “baseline” associated with the data source is determined. Following setup, a monitor process is executed under the non-human userid, and this process records one or more accesses to the data source. Periodically, or upon a given occurrence, the monitor process spawns one or more ancillary processes to determine whether an actionable event has been triggered.

Abstract: A method of scanning secure data in a data store is performed in a manner that does not expose the scan data, the files being searched, or information about when matches occur between the scan data and the files. During the scan process, encrypted versions of searched files are compared to encrypted versions of match strings, and any resulting match data is encrypted before being written into a results file. In addition, to disguise when match entries are written, during the scan one or more encrypted dummy items are written into the results file.

Abstract: An owner of sensitive data is provided with a notification that the sensitive data has been located. To achieve this, the sensitive data is first modified to include one or more data strings that may appear to be suspect but are otherwise benign. These data strings, which are referred to herein as benign pseudo virus signatures (BPVSs), preferably are embedded throughout a piece of sensitive data according to a frequency distribution. When the sensitive data is examined by virus checking software, the benign pseudo virus signatures are detected as potential computer viruses. By using information associated with the signatures, the owner is identified, preferably using the assistance of an intermediary entity that acts as a registry for the BPVSs. Once the owner is identified, a notification is provided to the owner that the sensitive data has been located. Appropriate remedial action can then be taken.

Abstract: An owner of sensitive data is provided with a notification that the sensitive data has been located. To achieve this, the sensitive data is first modified to include one or more data strings that may appear to be suspect but are otherwise benign. These data strings, which are referred to herein as benign pseudo virus signatures (BPVSs), preferably are embedded throughout a piece of sensitive data according to a frequency distribution. When the sensitive data is examined by virus checking software, the benign pseudo virus signatures are detected as potential computer viruses. By using information associated with the signatures, the owner is identified, preferably using the assistance of an intermediary entity that acts as a registry for the BPVSs. Once the owner is identified, a notification is provided to the owner that the sensitive data has been located. Appropriate remedial action can then be taken.

Abstract: A method of scanning secure data in a data store is performed in a manner that does not expose the scan data, the files being searched, or information about when matches occur between the scan data and the files. During the scan process, encrypted versions of searched files are compared to encrypted versions of match strings, and any resulting match data is encrypted before being written into a results file. In addition, to disguise when match entries are written, during the scan one or more encrypted dummy items are written into the results file.

Abstract: A method of scanning secure data in a data store is performed in a manner that does not expose the scan data, the files being searched, or information about when matches occur between the scan data and the files. During the scan process, encrypted versions of searched files are compared to encrypted versions of match strings, and any resulting match data is encrypted before being written into a results file. In addition, to disguise when match entries are written, during the scan one or more encrypted dummy items are written into the results file.

Abstract: A data source owner in a computing system protects that source via a “virtual” or surrogate entity or “avatar.” The entity is an object whose presence in the system is human-like, and it is given the specific task of protecting the data source for the owner. The avatar is associated with (or defined by) a non-human userid that has the same accesses and privileges of all (or defined) users, user groups and other resources that have access to the data source to be protected. During an initial setup, one or more actions to be performed by the non-human userid upon an occurrence of an actionable event with respect to the data source are specified, and a “baseline” associated with the data source is determined. Following setup, a monitor process is executed under the non-human userid, and this process records one or more accesses to the data source. Periodically, or upon a given occurrence, the monitor process spawns one or more ancillary processes to determine whether an actionable event has been triggered.

Abstract: A method of scanning secure data in a data store is performed in a manner that does not expose the scan data, the files being searched, or information about when matches occur between the scan data and the files. During the scan process, encrypted versions of searched files are compared to encrypted versions of match strings, and any resulting match data is encrypted before being written into a results file. In addition, to disguise when match entries are written, during the scan one or more encrypted dummy items are written into the results file.