Method and system for policy based monitoring and blocking of printing activities on local and network printers
First Claim
Patent Images
1. A method comprising:
- intercepting a print job, which is intended for a first printer driver, at a second printer driver, which interfaces with a data loss prevention agent;
identifying a user identity and an originating application associated with the print job;
analyzing content of print data to determine whether to allow or cancel the print job based on a security policy, wherein the security policy outlines which types of content are authorized for printing across a plurality of computer systems by certain members of an organization, and wherein the security policy outlines which types of content are prohibited from being printed by external systems outside the organization;
wherein the second printer driver prevents all data from reaching the first printer driver until the data loss prevention agent confirms that the print job is allowed; and
wherein if the print job is allowed, the second printer driver will send the print data to the first printer driver for printing.
10 Assignments
0 Petitions
Accused Products
Abstract
A method and system for data loss prevention controls and protects sensitive data from being printed in an unauthorized manner. A method for controlling printing activities implemented in a computer system comprises intercepting a print job comprising print data intended for a printer driver, delaying performance of the print job, analyzing content of the print data to determine whether to allow or cancel the print job based on a security policy, and resuming or canceling the print job based on the analysis of the content of the print data.
-
Citations
16 Claims
-
1. A method comprising:
-
intercepting a print job, which is intended for a first printer driver, at a second printer driver, which interfaces with a data loss prevention agent; identifying a user identity and an originating application associated with the print job; analyzing content of print data to determine whether to allow or cancel the print job based on a security policy, wherein the security policy outlines which types of content are authorized for printing across a plurality of computer systems by certain members of an organization, and wherein the security policy outlines which types of content are prohibited from being printed by external systems outside the organization; wherein the second printer driver prevents all data from reaching the first printer driver until the data loss prevention agent confirms that the print job is allowed; and wherein if the print job is allowed, the second printer driver will send the print data to the first printer driver for printing. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system comprising:
-
a processor; and a memory operable to store computer program instructions executable by the processor such that the system is configured for; intercepting a print job, which is intended for a first printer driver, at a second printer driver, which interfaces with a data loss prevention agent; identifying a user identity and an originating application associated with the print job; analyzing content of print data to determine whether to allow or cancel the print job based on a security policy, wherein the security policy outlines which types of content are authorized for printing across a plurality of computer systems by certain members of an organization, and wherein the security policy outlines which types of content are prohibited from being printed by external systems outside the organization; wherein the second printer driver prevents all data from reaching the first printer driver until the data loss prevention agent confirms that the print job is allowed; and wherein if the print job is allowed, the second printer driver will send the print data to the first printer driver for printing. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A computer program product including a non-transitory computer medium and computer instructions for performing operations, comprising:
-
intercepting a print job, which is intended for a first printer driver, at a second printer driver, which interfaces with a data loss prevention agent; identifying a user identity and an originating application associated with the print job; analyzing content of print data to determine whether to allow or cancel the print job based on a security policy, wherein the security policy outlines which types of content are authorized for printing across a plurality of computer systems by certain members of an organization, and wherein the security policy outlines which types of content are prohibited from being printed by external systems outside the organization; wherein the second printer driver prevents all data from reaching the first printer driver until the data loss prevention agent confirms that the print job is allowed; and wherein if the print job is allowed, the second printer driver will send the print data to the first printer driver for printing. - View Dependent Claims (13, 14, 15, 16)
-
Specification