Data Loss Prevention Blog

Stopping Data Leaks Before They Happen Isn’t Science Fiction

What if you could stop a crime before it happens? That’s the premise of the 2002 movie, Minority Report. If you haven’t seen the movie, here’s a short summary: In the year 2054, crime is virtually eliminated thanks to an elite law enforcing squad "Precrime” that use three gifted humans (called "Pre-Cogs") with special powers to see into the future and predict crimes beforehand. The future is seen and the guilty punished before the crime has ever been committed.

Stopping serious crime before it happens is great, but can the same be true for stopping data leaks before they happen? Is there a software equivalent of “Pre-Cogs” that can look deep inside a file or file system for sensitive data, predict a possible data leak and stop it before anything bad happens?

As a matter of fact, the answer is yes, and you don’t have to wait until 2054 to take advantage of it.

Everyone knows that DeviceLock’s Core Module is great at stopping data leaks by controlling the ports and types of devices that can be attached to an endpoint computer and the type of files that can be transferred. And through our NetworkLock module, we stop data leaks by providing contextual controls to IP protocols in order to address network related security threats like company email, personal webmails, instant messaging, social networks, cloud services, FTP, Torrents, SMB, etc.

But many people are not aware of the advanced capabilities of our other modules, namely our ContentLock and Discovery modules, in terms of providing the “Pre-Cog” type of functionality that can actually stop a data leak before it happens.

ContentLock can look inside virtually any file to analyze and filter the textual content and stop data from being copied to removable media, the clipboard, other plug-and-play storage devices, data sent for printing and even data that might otherwise be hidden in screen prints, graphical files or images imbedded in documents. ContentLock also filters data objects and sessions from within network communications, so paths like instant messenger chat sessions, webmail, social networks, and cloud-based file sharing services are covered. ContentLock can extract textual data from more than 160 file formats and data types and then apply content filtering based on pre-built templates, industry specific keyword filters (HIPAA, PCI, etc.) document meta properties, files types and more.

You can think of ContentLock as the “Pre-Cog” that’s looking at every bit of data as it’s in motion and acting like a data traffic cop, saying “nope, that particular type of data is not leaving this workstation. Not by email, not by printing, not by pasting from the clipboard, not by uploading to a file share site, not by copying to a thumb drive. No way, no how.”

So if ContentLock works as the “Pre-Cog” for “data in motion”, what about all the other data that is residing in your organization? For “data at rest”, our “Pre-Cog” is the DeviceLock Discovery Module.

DeviceLock Discovery provides visibility and control over sensitive “data at rest” stored across an organization’s entire network environment to proactively prevent potential data breaches and achieve compliance with regulatory and corporate data security requirements. By automatically scanning data residing on network shares, storage systems, and endpoint computers on the corporate network, DeviceLock Discovery locates documents with sensitive content and provides options to remediate them, as well as initiate incident management procedures. A unique feature of our Discovery Module is OCR capabilities in over 30 languages that include double byte languages such as Korean, Chinese and Japanese.

DeviceLock Discovery is the “Pre-Cog” that’s analyzing the stored files in the organization, finding the sensitive data that’s hidden inside, and providing a means to lock down that information (via deletion, encryption, access permissions, etc.) so that it never has the chance to leak out of the organization. It’s the ultimate “Pre-Cog” way of stopping bad things before they happen.

So, if you’re using our Core Module and NetworkLock, that’s great. But if you want to take a step into science fact (not fiction), then you owe it to yourself to check out our ContentLock and Discovery modules. Why worry about the consequences of a data leak when you have the power to stop it before it happens?

If you’d like to know more about DeviceLock and our “Pre-Cog” modules, call us at 925-231-4400 or email to us.sales (at) to talk to one of our endpoint security specialists. If you’d like to trial the DeviceLock DLP Suite for 30 days, please visit our website at: