1. Field of the Invention
Implementations consistent with the principles of the invention relate generally to data processing and, more particularly, to identifying and processing confidential information on network endpoints.
2. Description of Related Art
Organizations are continuously looking to prevent information leakage from their internal networks and endpoints (e.g., devices connected to the networks). Information leakage may include sending confidential information from people legitimately using a network or endpoint to people outside of the organization. This is a problem for organizations due to increasing internal and external compliance requirements, the need to protect intellectual property, and the need to prevent unauthorized disclosure of sensitive information.
Some organizations use firewalls that block content based upon information stored in a policy server that is deemed to be confidential. Such systems are difficult to update because the confidential information to be blocked by the firewall needs to be manually entered into the policy server. Manual policy entry is time consuming and may disclose confidential information to people in the organization who should not have access to such information.
Some organizations use proprietary custom search engines that work in conjunction with a policy server to search specific devices connected to the organizational network. However, such arrangements only work well if the information being searched does not change and information is stored in appropriate locations accessible to the organizational network. Such arrangements do not work if information is stored locally on a network endpoint (e.g., on a hard drive of a laptop) because the network server(s) may be unaware of such information. The network server(s) also cannot retrieve such information unless the user of the local information decides to disclose such information to the network server(s). The arrangements also fail to prevent a network endpoint from sending confidential information outside of the network control via external networks (e.g., emailing confidential information via the Internet from a non-corporate email account to a personal email account, e.g., hotmail account). Furthermore, the custom search engines of these systems provide inaccurate results.