Implementing DLP (Data Loss Prevention) Policies in Mobile Apps
DLP in mobile context is not antivirus or a firewall. It's a set of restrictions on what a user can do with corporate data: copy to clipboard, take a screenshot, forward to a personal messenger, upload to a personal cloud drive. Without these restrictions, MDM loses its purpose.
Where Data Actually Leaks
Clipboard — the most common leak point. A user copies a corporate contract, switches to WhatsApp and pastes it there. On Android, intercept the copy moment via ClipboardManager.OnPrimaryClipChangedListener and clear the buffer when the app goes to background:
```kotlin
import android.content.ClipboardManager
import android.content.Context

// Classifier contract the watcher depends on; the original snippet left dlpClassifier undefined,
// so this interface is assumed here.
fun interface DlpClassifier {
    fun isCorporateContent(text: String): Boolean
}

class DlpClipboardWatcher(context: Context, private val dlpClassifier: DlpClassifier) {
    private val clipboard = context.getSystemService(ClipboardManager::class.java)

    // Call from the app-level background callback (e.g. ProcessLifecycleOwner onStop)
    fun onAppBackground() {
        // Clear buffer if it contains corporate content
        val clip = clipboard.primaryClip ?: return
        val text = clip.getItemAt(0)?.text?.toString() ?: return
        if (dlpClassifier.isCorporateContent(text)) {
            clipboard.clearPrimaryClip() // available from API 28
        }
    }
}
```
On iOS 16+, the app receives UIPasteboard.changedNotification, but it can't read other apps' clipboard — only its own. However, you can prevent pasting into your fields via custom UITextView with overridden canPerformAction(_:withSender:).
Screenshots. On Android block via WindowManager.LayoutParams.FLAG_SECURE:
```kotlin
// In Activity or Fragment
window.setFlags(WindowManager.LayoutParams.FLAG_SECURE, WindowManager.LayoutParams.FLAG_SECURE)
```
This flag also hides content in Recent Apps switcher — important for sensitive screens. Don't apply globally: users complain they can't screenshot instructions. Enable only on screens with sensitive data.
On iOS there's no native screenshot ban. You can catch the event:
```swift
NotificationCenter.default.addObserver(
    self,
    selector: #selector(screenshotTaken),
    name: UIApplication.userDidTakeScreenshotNotification,
    object: nil
)
```
In response, blur the screen, leave the sensitive mode, log the incident. But the screenshot itself cannot be prevented.
Screen recording and screen mirroring — separate story. On iOS UIScreen.isCaptured lets you detect recording via AirPlay or ReplayKit and replace content with a placeholder.
Open-In and Share Sheet
The most painful point — UIDocumentInteractionController on iOS and Intent.ACTION_SEND on Android. By default, the user can open a corporate PDF in any third-party app.
On iOS, restriction goes through UIActivityViewController with custom excludedActivityTypes — but the list must be maintained manually, and new apps don't appear automatically. The correct corporate approach is Managed Open-In via MDM profile: documents from managed apps open only in other managed apps.
On Android — via DevicePolicyManager with a Work Profile. Intents from the work profile do not cross into the personal profile by default. That is the desired behaviour: keep it, and take care not to loosen it accidentally with addCrossProfileIntentFilter.
Data Classification
DLP without classification means restrictions everywhere, always, which frustrates users. Data needs to be differentiated by level:
| Data Type | Level | Restrictions |
|---|---|---|
| Public materials | Public | None |
| Internal documents | Internal | Clipboard only between corp apps |
| Customer personal data | Confidential | FLAG_SECURE + no Open-In |
| Financial data | Restricted | All restrictions + watermark |
The classifier can be simple — regex on patterns (contract number, INN, IBAN) — or ML-based via CoreML / TensorFlow Lite for complex cases.
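As an added example (not code from the original article), here is a regex classifier mapping text to the levels of the matrix above and applying the screen-level restriction on Android. The patterns for contract numbers and customer e-mail are assumed placeholders; the IBAN shape is the standard one.

```kotlin
import android.app.Activity
import android.view.WindowManager

// Levels from the classification matrix above.
enum class DlpLevel { PUBLIC, INTERNAL, CONFIDENTIAL, RESTRICTED }

// Restrictions a screen must enforce for a given level.
data class DlpPolicy(
    val clipboardCorpOnly: Boolean,
    val flagSecure: Boolean,
    val blockOpenIn: Boolean,
    val watermark: Boolean,
)

object DlpPolicyMatrix {
    fun forLevel(level: DlpLevel): DlpPolicy = when (level) {
        DlpLevel.PUBLIC -> DlpPolicy(false, false, false, false)
        DlpLevel.INTERNAL -> DlpPolicy(true, false, false, false)
        DlpLevel.CONFIDENTIAL -> DlpPolicy(true, true, true, false)
        DlpLevel.RESTRICTED -> DlpPolicy(true, true, true, true)
    }
}

// Regex classifier: the highest matching level wins.
object RegexDlpClassifier {
    // IBAN: country code, 2 check digits, 11-30 alphanumerics (real format).
    private val iban = Regex("""\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b""")
    // Assumed placeholder pattern for a customer e-mail (personal data).
    private val customerEmail = Regex("""\b[\w.+-]+@[\w-]+\.[\w.]+\b""")
    // Assumed placeholder format for internal contract numbers.
    private val contractNo = Regex("""\bCONTRACT-\d{4}-\d{3,6}\b""")

    fun classify(text: String): DlpLevel = when {
        iban.containsMatchIn(text) -> DlpLevel.RESTRICTED       // financial data
        customerEmail.containsMatchIn(text) -> DlpLevel.CONFIDENTIAL // personal data
        contractNo.containsMatchIn(text) -> DlpLevel.INTERNAL   // internal document
        else -> DlpLevel.PUBLIC
    }
}

// Resolve the policy for a document and apply the FLAG_SECURE part before it is shown.
// Clipboard, Open-In and watermark handling use the returned policy elsewhere.
fun Activity.applyDlpPolicy(documentText: String): DlpPolicy {
    val policy = DlpPolicyMatrix.forLevel(RegexDlpClassifier.classify(documentText))
    val secure = WindowManager.LayoutParams.FLAG_SECURE
    if (policy.flagSecure) window.setFlags(secure, secure) else window.clearFlags(secure)
    return policy
}
```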
Watermark on Documents
For Restricted level, add dynamic watermark with username and timestamp when displaying documents. This doesn't prevent screenshot leaks, but creates an audit trail. Implemented via custom PDFRenderer on Android or PDFKit on iOS with overlay via Core Graphics.
Logging DLP Incidents
Every DLP event goes to SIEM: screenshot attempt on protected screen, open-in attempt to unapproved app, clipboard wipe. Logs stored on server, not on device.
Work Stages
Audit existing app for leak points → design policies and classification matrix → implement technical restrictions → test via pentest scenarios (screenshot, ADB backup, clipboard) → documentation for IT.
Timeline: 3–5 days for basic set (screenshots, clipboard, open-in). With ML classifier and watermark — from 1.5 weeks.