There are in general two current security approaches for enterprise-level IT systems. One approach is to monitor network activity, such as whether inappropriate files (such as files with sensitive information) are being transmitted to a non-secure network. Another approach is to limit the entitlements of users of an enterprise IT system, usually based on the users' profiles. For example, certain users may be restricted from accessing certain files on the network. Both of these approaches have their drawbacks. Because the network approach focuses on network activity, it often misses non-network related activity, such as printing or copying sensitive data to a portable storage device, that may still constitute a security risk. The entitlements-based client-side approach misses potentially malicious conduct that an end user could perform with data that the end user is entitled to access.