1. Field of Art
The present invention generally relates to the field of computer security and in particular to notifying users of security-related actions performed on network traffic.
2. Background of the Invention
An enterprise typically stores a large amount of resources including data and applications. Allowing a relatively free flow of data within the enterprise is important in enabling the enterprise to operate efficiently. However, in many cases it will also be important to the enterprise that the same data do not leak outside of the enterprise's own network. For example, it could be disastrous for a company to have new product designs and specifications reach a competitor before the market. In the modern web-connected work environment, the risk that such data will be leaked digitally, either maliciously or accidently, is significant.
To mitigate this risk, many enterprises implement and enforce data loss prevention (DLP) policies for their networks. Enforcing these policies typically involves monitoring outbound network traffic and preventing certain types of data from leaving the enterprise. When a policy is applied to network traffic from a particular user, the user is typically notified that the user's actions violated the DLP policy.
However, in certain situations the notification of the policy violation can have undesirable side effects. For example, if the user violates the DLP policy while using a web browser to access a web site, attempting to notify the user of the violation by causing the web browser to display an informational web page can result in the browser displaying confusing or generic error messages. This problem is particularly acute for asynchronous web applications because directing the browser to a new web page may break the web application.