摘要 |
A method and apparatus for scanning protected files for violations of a Data Loss Prevention (DLP) policy is described. In one embodiment, a protected file scanning tool monitors protected files in a computing system, and when one of the protected files is created, opened, or saved, the protected file scanning tool obtains a running instance of a data object, corresponding the protected file, from a data store that stores information to track objects that are currently running on the computing system. The protected file scanning tool extracts the decrypted data from the obtained data object, and scans the decrypted data to detect a violation of a DLP policy. |