Field
Embodiments presented herein generally relate to data loss prevention (DLP), and more specifically, to preventing sensitive data from being transferred to unauthorized locations during clipboard operations.
Description of the Related Art
Data loss prevention (DLP) generally refers to a variety of techniques to protect sensitive data. In endpoint DLP, a DLP agent can monitor and control activity occurring within a client computing system according to a policy, usually specified by an administrator (e.g., of an enterprise network). The DLP agent can block attempts to transmit sensitive data and generate incident reports describing such attempts.
One potential source of data loss is clipboard operations performed on a client computing system. In particular, an enterprise does not want a user to copy sensitive data and paste the data into an unauthorized application. For example, an administrator may want to prevent a user on a work computer from copying social security numbers from a spreadsheet and pasting the numbers into a message in a personal e-mail account. As another example, the administrator may want to prevent users from pasting social security numbers into an image and uploading the image (e.g., in place of the original document) to a given destination, so that the numbers escape content-based detection.
Current approaches to monitoring clipboard operations simply monitor copy operations performed by the user. When a user copies data, a DLP agent may intercept the copy operation and analyze the underlying data being copied. If the data corresponds to sensitive information, the DLP agent can block the copy operation. However, this approach has several limitations. For instance, because the DLP agent monitors only the copy operation, it obtains no information about the destination of the subsequent paste operation. Without this information, an administrator may have difficulty determining what remedial steps to take. Another consequence is that the DLP agent can indiscriminately block copy operations even in legitimate cases, e.g., a data entry employee copying and pasting sensitive data from and into cells of a single spreadsheet. False positives generated by the DLP agent may obscure the cases where the user actually intends to leak sensitive data to an unauthorized location.
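The limitation described above can be made concrete with a small simulation. The following is an added example written for this page, not code from the patent or any product it describes. It implements a content classifier for social security numbers (a regex plus the SSA issuance rules that exclude area 000, 666 and 900-999, group 00 and serial 0000), runs it over constructed clipboard payloads, and shows two policy decision functions: the copy-only decision, which sees only the payload, and a hypothetical destination-aware decision that also receives a `PasteContext` (source and destination application names, both invented here) and so can distinguish a paste within the same spreadsheet from a paste into a personal webmail tab. The "same application is allowed, everything else is blocked and reported" rule is an assumption chosen for illustration, not a policy the page specifies.

```python
import re
from dataclasses import dataclass

# Structural SSN pattern: AAA-GG-SSSS with dash, space or no separator.
SSN_RE = re.compile(r"\b(\d{3})[-\s]?(\d{2})[-\s]?(\d{4})\b")


def is_valid_ssn(area: str, group: str, serial: str) -> bool:
    """Apply SSA issuance rules to cut down regex false positives.

    Area numbers 000, 666 and 900-999 are never issued; group 00 and
    serial 0000 are likewise never issued.
    """
    a, g, s = int(area), int(group), int(serial)
    if a == 0 or a == 666 or a >= 900:
        return False
    if g == 0 or s == 0:
        return False
    return True


def find_ssns(text: str) -> list[str]:
    """Return every plausible SSN found in a clipboard payload, normalized."""
    return [
        f"{a}-{g}-{s}"
        for a, g, s in SSN_RE.findall(text)
        if is_valid_ssn(a, g, s)
    ]


def copy_only_decision(payload: str) -> str:
    """Decision a copy-only DLP agent can make.

    It sees the copied data but nothing about where it will be pasted,
    so any sensitive payload is blocked, including intra-spreadsheet moves.
    """
    return "block" if find_ssns(payload) else "allow"


@dataclass(frozen=True)
class PasteContext:
    """Hypothetical context a paste-time hook could supply (assumed, not from the page)."""
    source_app: str
    destination_app: str


def destination_aware_decision(payload: str, ctx: PasteContext) -> tuple[str, dict]:
    """Hypothetical policy: allow pastes back into the source application,
    block and report pastes of sensitive data anywhere else.

    The returned incident dict is what a copy-only agent cannot produce,
    because it never learns the destination.
    """
    hits = find_ssns(payload)
    if not hits:
        return "allow", {}
    if ctx.destination_app == ctx.source_app:
        return "allow", {}
    incident = {
        "source": ctx.source_app,
        "destination": ctx.destination_app,
        "matches": len(hits),
    }
    return "block", incident


if __name__ == "__main__":
    # Constructed clipboard payloads; the SSN is synthetic.
    payroll_cell = "Smith, J.  219-09-9999  Payroll"
    invoice_total = "Invoice total: 1234.56"

    # The copy-only agent blocks the payroll cell no matter where it is going.
    print("copy-only:", copy_only_decision(payroll_cell), copy_only_decision(invoice_total))

    # With destination context the same payload is allowed inside the
    # spreadsheet and blocked (with an incident) when headed for webmail.
    same_sheet = PasteContext("spreadsheet.exe", "spreadsheet.exe")
    webmail = PasteContext("spreadsheet.exe", "browser:mail.example")
    print("same sheet:", destination_aware_decision(payroll_cell, same_sheet))
    print("webmail:   ", destination_aware_decision(payroll_cell, webmail))
```

Running the block shows the copy-only decision returning "block" for the payroll cell in both scenarios, while the destination-aware decision allows the intra-spreadsheet paste and produces an incident record (source, destination, match count) for the webmail paste; that record is exactly the information the related-art approach cannot give an administrator.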