Abstract: The disclosed computer-implemented method for enforcing data loss prevention policies on endpoint devices may include (i) detecting that an endpoint device has terminated a connection with a protected network that is protected by a network-level data loss prevention system and has connected to an external network that is not protected, (ii) switching, in response to detecting that the endpoint device has connected to the external network, from an in-network data loss prevention policy to an out-of-network data loss prevention policy, (iii) detecting an inbound data transfer to the endpoint device, (iv) determining that the inbound data transfer comprises a transfer from a protected source that is protected by the out-of-network data loss prevention policy, and (v) performing a security action in response to determining that the inbound data transfer to the endpoint device comprises the transfer from the protected source. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for enforcing data loss prevention policies on endpoint devices may include (i) detecting that an endpoint device has terminated a connection with a protected network that is protected by a network-level data loss prevention system and has connected to an external network that is not protected, (ii) switching, in response to detecting that the endpoint device has connected to the external network, from an in-network data loss prevention policy to an out-of-network data loss prevention policy, (iii) detecting an inbound data transfer to the endpoint device, (iv) determining that the inbound data transfer comprises a transfer from a protected source that is protected by the out-of-network data loss prevention policy, and (v) performing a security action in response to determining that the inbound data transfer to the endpoint device comprises the transfer from the protected source. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for data loss prevention of unidentifiable and unsupported object types may include (1) monitoring, through at least one filter, data input to an application during execution, (2) scanning, through a data loss prevention scanner, the data input to the application to detect whether the data includes sensitive data that is protected by a data loss prevention policy, (3) flagging, based on the scanning, the application as having accessed the sensitive data that is protected by the data loss prevention policy, (4) detecting that the application is requesting to output a data object in a format that obscures underlying content, and (5) performing, by a data loss prevention program, a remedial action to prevent loss of the sensitive data based on both flagging the application and detecting that the application is requesting to output the data object in the format that obscures underlying content.

Abstract: The disclosed computer-implemented method for capturing input from users to prevent data loss may include (1) intercepting, as part of a data-loss-prevention application, user input intended for a data-processing application that would, if received by the data-processing application, cause the data-processing application to perform an operation on data that may violate a data-loss-prevention policy, (2) upon intercepting the user input, causing the data-processing application to perform an alternative operation on the data that makes the data accessible to the data-loss-prevention application, (3) scanning, while the data-processing application is prevented from performing the operation, the data for compliance with the data-loss-prevention policy, (4) determining, based on a result of the scanning, that the data complies with the data-loss-prevention policy, and (5) causing, in response to determining that the data complies with the data-loss-prevention policy, the data-processing application to perform the