Knowledgebase
Screen capture blocking
Posted by , Last modified by Štěpán Horký on 11 June 2019 03:31 PM

Safetica 9 includes a new way of blocking screen capture. This feature now works with all kinds of screenshot, screen recording or screen sharing applications. Additionally, blocking only blocks out the part of the screen which includes sensitive data. This means that you can still take screenshots of application windows which do not contain anything sensitive or share a non-sensitive part of your screen in video chat.

Previously, Safetica only detected certain user actions which were considered as taking a screenshot. The new screen capture blocking no longer depends on user action detection, and is therefore more universal and covers more scenarios.

Since user actions are not detected when screen capture is blocked, there is nothing to log. This means that Safetica no longer provides logs about screen capture operations, and user notifications about screen capture blocking only appear when a DLP policy is applied - when an application is launched or when it opens protected data.


On Windows 8 and later operating systems this feature works with no limitations. On Windows 7, screen capture blocking requires Desktop Window Manager (DWM.exe) to be running.

To check if Desktop Window Manager is running correctly on all your endpoints, go to Maintenance → Endpoint management. Problems with DWM.exe will be reported in the Missing SW column.

You can force DWM to run on Windows 7 endpoints by following these steps:

  1. Obtain an aero.msstyles file from a Windows 7 machine running DWM. You should be able to locate it in C:\windows\resources\themes\aero\
  2. Store the file on a network location, e.g. \\server\share\aero.msstyles
  3. In Group Policy Management Editor go to User Configuration\Administrative Templates\Control Panel\Personalization
  4. Set Force a specific visual style file or force Windows Classic to Enabled and set your network path to the aero.msstyle file.
  5. Set Prevent changing theme to Enabled.
  6. In Group Policy Management Editor go to User configuration\Preferences\Windows settings\Registry
  7. Add a new Registry Item:
    Action:
    Update
    Hive: HKEY_CURRENT_USER
    Key Path: \Software\Microsoft\Windows\DWM
    Value name: Composition
    Value type: REG_DWORD
    Value data: 1 (decimal)

These steps will force DWM to run after the endpoints are restarted and the users log in. In case a user used the Windows 7 Basic theme, two restarts might be required.

(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments: