| CPC G06F 21/6209 (2013.01) | 15 Claims |

|
1. A computer-implemented method, comprising:
determining, at an endpoint client running in a privileged mode of operation, a first domain name system (DNS) request by a first application to access a first website;
determining, at the endpoint client, that the first website is included in a monitor list;
determining, at the endpoint client, that the first application is included in a list of approved applications;
determining, at the endpoint client, that the first application is running a data security extension, wherein the data security extension is configured to collect metadata;
responsive to the determinations that (i) the first website is included in the monitor list, (ii) the first application is included in the list of approved applications, and (iii) the first application is running the data security extension, fulfilling the first DNS request;
determining, using the data security extension of the first application, a file is being uploaded to the first website;
determining, using the data security extension, the metadata collected by the data security extension and associated with the file, wherein the metadata comprises a hash of at least a portion of the file;
providing the metadata from the data security extension to a data security companion of the endpoint client;
creating a copy of the file accessible to the endpoint client;
transmitting the metadata to a data security administration environment;
obtaining, at the endpoint client, a file transfer request from the data security administration environment associated with the metadata; and
responsive to the file transfer request, uploading the copy of the file to the data security administration environment.
|
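The steps of claim 1, simulated end to end as an added example (not code from the patent or its applicant). The site and application names, the SHA-256 choice, the 4096-byte portion, the handling of unmonitored sites and every function and class name are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed sample policy; the claim names no sites, applications or hash algorithm.
MONITOR_LIST = {"files.example.com"}
APPROVED_APPS = {"approved-browser"}
PORTION_BYTES = 4096  # assumed size of the hashed "portion of the file"


def fulfill_dns(site, app, extension_running):
    """True only when all three determinations hold for a monitored site."""
    if site not in MONITOR_LIST:
        return True  # assumption: unmonitored sites resolve normally
    return app in APPROVED_APPS and extension_running


def extension_metadata(name, data, site):
    """Metadata the extension collects for an upload, with a partial-file hash."""
    digest = hashlib.sha256(data[:PORTION_BYTES]).hexdigest()
    return {"name": name, "site": site, "size": len(data), "sha256_portion": digest}


@dataclass
class Companion:
    """Endpoint-side companion: keeps file copies and serves transfer requests."""
    copies: dict = field(default_factory=dict)
    outbox: list = field(default_factory=list)  # metadata sent to the admin environment

    def on_upload(self, metadata, data):
        self.copies[metadata["sha256_portion"]] = bytes(data)  # copy of the file
        self.outbox.append(metadata)                            # transmit metadata

    def on_transfer_request(self, sha256_portion):
        # Release a copy only for metadata this endpoint actually reported.
        return self.copies.get(sha256_portion)


def simulate(site, app, extension_running, name, data):
    """Run one upload through the claimed steps; returns (resolved, copy_sent)."""
    if not fulfill_dns(site, app, extension_running):
        return False, None
    companion = Companion()
    meta = extension_metadata(name, data, site)
    companion.on_upload(meta, data)
    requested = companion.outbox[-1]["sha256_portion"]  # admin requests this file
    return True, companion.on_transfer_request(requested)
```

Because only a portion of the file is hashed here, two files that share their first `PORTION_BYTES` bytes map to the same key and the later copy replaces the earlier one; hashing the whole file avoids that and still satisfies "at least a portion".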