Abstract: A method for accessing content of encrypted data item(s) by a terminal device operating in a digital environment, according to which before the data item is being accessed by the terminal device, it is modified after being intercepted if found to be encrypted. The wrapper of the data item is modified or replaced by embedding a URL with a unique identifier and a message into the wrapper of the data item. If a supported terminal device attempts to accesses the modified data item, the client application natively consumes the data from the modified data item and ignores its wrapper. If not, the message and the URL are displayed on the terminal device and the user browses the URL. Then after authentication, a web server locates the modified data item using the unique identifier, retrieves and decrypts the modified item and converts the decrypted modified data item to a format that can be consumed by the browser.

Abstract: Methods, systems, and computer program products are described herein for the classification, tagging, and protection of data objects. Such techniques may be imposed on the data objects automatically regardless of whether the data objects are created/generated/interacted/downloaded/uploaded/accessed on the cloud-based environments and/or on-premises environments. The foregoing techniques are orchestrated from a centralized policy that is treated uniformly regardless of the data objects' environment. Once a data object is identified, it is classified based on multiple criteria and a tag is associated therewith. An enforcement action may be applied to the data objects based on a defined policy. The tag attached to the data object may be used to search for related audit logs that track accesses to the data object. By associating the tag and protection persistently, data object(s) are treated uniformly (i.e., in the same manner) regardless of what environment it is in.

Abstract: Methods, systems, and computer program products are described herein for the classification, tagging, and protection of data objects. Such techniques may be imposed on the data objects automatically regardless of whether the data objects are created/generated/interacted/downloaded/uploaded/accessed on the cloud-based environments and/or on-premises environments. The foregoing techniques are orchestrated from a centralized policy that is treated uniformly regardless of the data objects' environment. Once a data object is identified, it is classified based on multiple criteria and a tag is associated therewith. An enforcement action may be applied to the data objects based on a defined policy. The tag attached to the data object may be used to search for related audit logs that track accesses to the data object. By associating the tag and protection persistently, data object(s) are treated uniformly (i.e., in the same manner) regardless of what environment it is in.

Abstract: Systems and methods for identifying and responding to anomalous data activity by a computer user on a computing device are presented. An anomalous data activity service, implemented as a machine learning service, receives notice of data activity and conducts an evaluation to determine whether the data activity is an anomalous data activity. Upon determining that the data activity is an anomalous data activity, a responsive action may be taken that may result in the anomalous data activity being blocked or allowed.

Abstract: A method for enabling data classification and or enforcement of Information Rights Management (IRM) capabilities and or encryption in a software application according to which, an agent is installed on each terminal device that runs the application and a central management module which includes the IRM, encryption and classification policy to be enforced, communicates with agents that are installed on each terminal device. The central management module distributes the appropriate IRM and or classification policy to each agent and applies the policy to any application that runs on the terminal device.

Abstract: Abstract system and method for enabling data modification, classification and enforcement of IRM capabilities in standard isolated software applications is disclosed, according to which an add-on code is installed on the terminal device of user that runs the standard application. The add-on code is adapted to interact with the virtual keyboard used by the standard application, to form a custom virtual keyboard to which the features of classifying data items(s) and/or of modifying the content of the data item are added, without changing the natural environment, the user is normally used to. Then a custom virtual keyboard that includes a designed UP interfacing objects is created, for adding inputs that are associated with classification and modification in the data item in the form of a hidden tag tot the content of the data item.

Abstract: System and method for enabling data modification, classification and enforcement of IRM capabilities in standard isolated software applications is disclosed, according to which an add-on code is installed on the terminal device of a user that runs the standard application. The add-on code is adapted to interact with the virtual keyboard used by the standard application, to form a custom virtual keyboard to which the features of classifying data item(s) and/or of modifying the content of the data item are added, without changing the natural environment, the user is normally used to. Then a custom virtual keyboard that includes a designed UI interfacing objects is created, for adding inputs that are associated with classification and modification in the data item in the form of a hidden tag to the content of the data item.

Abstract: Methods, systems, and computer program products are described herein for the classification, tagging, and protection of data objects. Such techniques may be imposed on the data objects automatically regardless of whether the data objects are created/generated/interacted/downloaded/uploaded/accessed on the cloud-based environments and/or on-premises environments. The foregoing techniques are orchestrated from a centralized policy that is treated uniformly regardless of the data objects' environment. Once a data object is identified, it is classified based on multiple criteria and a tag is associated therewith. An enforcement action may be applied to the data objects based on a defined policy. The tag attached to the data object may be used to search for related audit logs that track accesses to the data object. By associating the tag and protection persistently, data object(s) are treated uniformly (i.e., in the same manner) regardless of what environment it is in.

Abstract: A method of protecting data items in an organizational computer network, including, defining multiple information profiles for classifying the data item, defining rules for protecting the data item belonging to a specific information profile, classifying the data item according to the defined information profiles, applying a protection method to the data item responsive to the classification and the defined rules, automatically updating the classification of the data item responsive to a change in the content or location of the data item; and automatically transforming the applied protection method, throughout the lifecycle of the data item, responsive to a change in classification or location of the data item, according to the defined rules.

Abstract: Systems and methods for identifying and responding to anomalous data activity by a computer user on a computing device are presented. An anomalous data activity service, implemented as a machine learning service, receives notice of data activity and conducts an evaluation to determine whether the data activity is an anomalous data activity. Upon determining that the data activity is an anomalous data activity, a responsive action may be taken that may result in the anomalous data activity being blocked or allowed.

Abstract: A method of protecting data items in an organizational computer network, including, defining multiple information profiles for classifying the data item, defining rules for protecting the data item belonging to a specific information profile, classifying the data item according to the defined information profiles, applying a protection method to the data item responsive to the classification and the defined rules, automatically updating the classification of the data item responsive to a change in the content or location of the data item; and automatically transforming the applied protection method, throughout the lifecycle of the data item, responsive to a change in classification or location of the data item, according to the defined rules.

Abstract: A method of protecting data items in an organizational computer network, including, defining multiple information profiles for classifying the data item, defining rules for protecting the data item belonging to a specific information profile, classifying the data item according to the defined information profiles, applying a protection method to the data item responsive to the classification and the defined rules, automatically updating the classification of the data item responsive to a change in the content or location of the data item; and automatically transforming the applied protection method, throughout the lifecycle of the data item, responsive to a change in classification or location of the data item, according to the defined rules.

Abstract: A method for enabling data classification and? or enforcement of Information Rights Management (IRM) capabilities and?or encryption in a software application according to which, an agent is installed on each terminal device that runs the application and a central management module which includes the IRM, encryption and classification policy to be enforced, communicates with agents that are installed on each terminal device. The central management module distributes the appropriate IRM and?or classification policy to each agent and applies the policy to any application that runs on the terminal device.

Abstract: Abstract system and method for enabling data modification, classification and enforcement of IRM capabilities in standard isolated software applications is disclosed, according to which an add-on code is installed on the terminal device of user that runs the standard application. The add-on code is adapted to interact with the virtual keyboard used by the standard application, to form a custom virtual keyboard to which the features of classifying data items(s) and/or of modifying the content of the data item are added, without changing the natural environment, the user is normally used to. Then a custom virtual keyboard that includes a designed UP interfacing objects is created, for adding inputs that are associated with classification and modification in the data item in the form of a hidden tag tot the content of the data item.

Abstract: System and method for enabling data modification, classification and enforcement of IRM capabilities in standard isolated software applications is disclosed, according to which an add-on code is installed on the terminal device of a user that runs the standard application. The add-on code is adapted to interact with the virtual keyboard used by the standard application, to form a custom virtual keyboard to which the features of classifying data item(s) and/or of modifying the content of the data item are added, without changing the natural environment, the user is normally used to. Then a custom virtual keyboard that includes a designed UI interfacing objects is created, for adding inputs that are associated with classification and modification in the data item in the form of a hidden tag to the content of the data item.

Abstract: Described are embodiments for adaptive classification of data items which may include receiving a classification training set, the classification training set comprising a set of items associated with classification events made by a group of selected users, each item in the set of items having been designated as belonging to a particular classification by a selected user while manipulating the each item; determining from the classification training set a set of rules which can be used to classify unknown data items such that the classification of the unknown data items is consistent with the manual or automatic classification of the classification training set; adaptively updating the set of rules, according to classifications made to additional data items by additional users; and automatically classifying, based on the set of rules, one or more data items that are manipulated by a second set of one or more users.

Abstract: A method of protecting data items in an organizational computer network, including, defining multiple information profiles for classifying the data item, defining rules for protecting the data item belonging to a specific information profile, classifying the data item according to the defined information profiles, applying a protection method to the data item responsive to the classification and the defined rules, automatically updating the classification of the data item responsive to a change in the content or location of the data item; and automatically transforming the applied protection method, throughout the lifecycle of the data item, responsive to a change in classification or location of the data item, according to the defined rules.

Abstract: A method of protecting data items in an organizational computer network, including, defining multiple information profiles for classifying the data item, defining rules for protecting the data item belonging to a specific information profile, classifying the data item according to the defined information profiles, applying a protection method to the data item responsive to the classification and the defined rules, automatically updating the classification of the data item responsive to a change in the content or location of the data item; and automatically transforming the applied protection method, throughout the lifecycle of the data item, responsive to a change in classification or location of the data item, according to the defined rules.

Abstract: A method for accessing content of encrypted data item(s) by a terminal device operating in a digital environment, according to which before the data item is being accessed by the terminal device, it is modified after being intercepted if found to be encrypted. The wrapper of the data item is modified or replaced by embedding a URL with a unique identifier and a message into the wrapper of the data item. If a supported terminal device attempts to accesses the modified data item, the client application natively consumes the data from the modified data item and ignores its wrapper. If not, the message and the URL are displayed on the terminal device and the user browses the URL. Then after authentication, a web server locates the modified data item using the unique identifier, retrieves and decrypts the modified item and converts the decrypted modified data item to a format that can be consumed by the browser.

Abstract: A method of protecting data items in an organizational computer network, including, defining multiple information profiles for classifying the data item, defining rules for protecting the data item belonging to a specific information profile, classifying the data item according to the defined information profiles, applying a protection method to the data item responsive to the classification and the defined rules, automatically updating the classification of the data item responsive to a change in the content or location of the data item; and automatically transforming the applied protection method, throughout the lifecycle of the data item, responsive to a change in classification or location of the data item, according to the defined rules.