~New Enterprise DLP Feature Allows Organizations to Block Data Leakage through WhatsApp While Preserving Legitimate Business Communication~
eScan (MicroWorld Technologies Inc.) today announced a breakthrough industry-first capability in its Enterprise Data Loss Prevention (DLP) solution: bi-directional clipboard and drag-drop control for messaging applications. This innovation addresses a critical gap in enterprise security by enabling organizations to prevent sensitive data from leaving the organization through platforms like WhatsApp and Viber, while simultaneously allowing employees to receive and process information from external contacts through these same channels.
The feature emerged from a real-world challenge faced by a lead-generation company whose inside sales representatives handle hundreds of customer leads daily. While the company needed to prevent employees from sharing proprietary lead information via WhatsApp, completely blocking copy-paste functionality would have crippled productivity, as sales teams regularly receive leads from external partners through the same platform.
“We were stuck between security and productivity,” said the CIO of the lead-generation firm that piloted the solution. “Our sales teams need WhatsApp to do their jobs, but we were leaking valuable customer data through the same channel. Traditional DLP solutions only offered an all-or-nothing approach, which wasn’t practical for our business.”
The problem extends far beyond lead-generation companies. Legal firms handling client privileged information, healthcare organizations managing patient data, and financial advisors dealing with investment portfolios all face similar challenges. WhatsApp has become the communication tool of choice across industries precisely because of its speed and convenience, but this same accessibility makes it a prime vector for data exfiltration.
A recent study found that approximately 25% of employees share confidential company information through messaging platforms, often without malicious intent. In one documented case, a healthcare professional inadvertently shared patient records via WhatsApp while discussing a case with a colleague, resulting in regulatory penalties. In another incident, a financial consultant copied investment strategies from internal documents and pasted them into a WhatsApp conversation, compromising proprietary trading information.
eScan’s solution works by monitoring the direction of data flow at the application and browser level. The system can distinguish between data being copied from the organization’s systems into WhatsApp (outbound, which can be blocked) versus data being copied from WhatsApp into the organization’s applications (inbound, which can be allowed). The technology also prevents internal data circulation within WhatsApp itself, addressing scenarios where employees might copy sensitive information from one WhatsApp conversation to another.
The feature functions across both web-based and desktop versions of messaging applications, with administrators able to configure policies on a per-application basis. By default, directional controls apply to all configured messaging platforms, but organizations can selectively enable or disable it for specific applications based on their security posture and business requirements.
“What makes this solution particularly effective is that it doesn’t disrupt the user experience,” explains Shweta Thakare, Vice-President of sales and marketing, eScan. “Employees can continue using the messaging tools they prefer and need for their work. The system operates transparently in the background, only intervening when data flow violates policy. It’s security that adapts to how people actually work, not security that forces people to work differently.”
The technology required sophisticated development to handle browser-based messaging applications, where traditional DLP approaches struggle. Modern browsers use tabbed interfaces, and web-based WhatsApp operates within this environment. eScan’s implementation can identify which browser tab is active, determine the URL being accessed, and apply appropriate controls based on the direction of information flow, all in real time.
eScan Enterprise DLP with bi-directional messaging control is available immediately for enterprise customers across government, defense, telecommunications, banking and financial services, healthcare, and education sectors. The company serves customers in over 90 countries with a research and development team of more than 300 cybersecurity professionals.