Dear friend,
As I am working on DLP sincealmost last 2 yrs and sometime some idea comes into the mind to enhance the DLP agents role. As we know it protect aginst transfer of confidentail data but at the same time , I think it should have some function like we command from enforce to scan all the agents for some specific newely identified threat (data) and remove it from endpoint after informing the user (pop up) or keeping marker file there. I am sure this is very valuable idea to make more productive the DLP agents