As further shown in FIG. 5, graphical user interface 502 may also include an approve button 508, a block button 510, and a tag button 512. Approve button 508 and block button 510 may correspond to approving the attempt to output the data object and blocking the attempt to output the data object, as discussed further above. In other examples, performance module 112 may perform the remedial action by simply tagging the data object, which may correspond to tag button 512. In these examples, performance module 112 may tag the data object by fixing a tag, marker, watermark, header, and/or metadata item that one or more data loss prevention filters or scanners may read, thereby converting the data object from an unreadable format to a readable format. The tag may indicate that the data object was created at a time that the application had accessed, or had access to, sensitive data. The tag may also specify all or some of the sensitive data that the application accessed, thereby enabling data loss prevention filters to perform more granular filtering at one or more other positions or layers of the computing environment protected by the data loss prevention systems (e.g., more sensitive data may be blocked at one or more additional locations or layers than less sensitive data). In alternative examples, the user may be given an option, prompt, and/or instruction to remove the sensitive data, after which the attempt to output the revised data object without the sensitive data included may be permitted.
