Policy enforcement that is bypassed for security features such as encryption, needs to be overlaid via an automated data protection offering, where movement of the data from the device is controlled via DLP policies that cannot be overridden or bypassed.