Detecting Paste Activity

ObserveIT can detect paste of text, file, folders and images using various methods, including right-click and keyboard shortcuts.

The detection mechanism enables you to:

• Detect non-file based exfiltration attempts through customizable alerts which trigger on keyboard and point-click actions.

• Search for the pasting of specific text and files/folders.

• Generate detailed reports on all pasting operations for audit and compliance requirements.

Pasting is detected when a paste is performed using:

• Right-click menu item: Paste

• Keyboard shortcuts: Ctrl+V, CTRL+Insert, Shift + Insert (Windows)

• Menu items: Edit > Paste and equivalent right-click menu items

• Keyboard shortcuts: Cmd+V (Mac)

Prerequisites

• To use ObserveIT's Paste feature for Windows (or Mac), the Enable detection of paste in the Data Loss Policy must be selected. This enables the detection of paste activity by right-click menu item Paste. See Data Loss Detection Policy.

• In addition to enable detection of paste performed by Ctrl-V (Windows), Cmd-V (Mac), you must also turn on Enabling key logging in Configuring System Settings.

Pasted text content is encrypted.

Paste Activity Features

You can:

• Set alert triggers for text, files, folders, and images that were pasted. See Pasted - Did What.

• Create report listing what was pasted. Reports can include columns for content type, pasted text, source folder, pasted file and pasted folder. See Paste Report Configuration.

• Search for keywords in pasted content. See Types of Data You Can Search For.

Viewing Results in the Web Console Diaries

You can view paste activity from the Summary and Timeline view in the Endpoint Diary and User Diary. See Session Details Views.

This view shows the any paste activity during a session. The example below shows two paste operations.