Theft prevention for sensitive information

The invention claimed is: 1. A non-transitory computer-readable medium that stores instructions that, when executed by one or more processors, cause the one or more processors to perform actions, the actions comprising: instantiating an instance of a remote application in an executing computing device; intercepting, at the remote application instance in the executing computing device, a first set of one or more draw commands associated with output of the remote application instance; providing, by the executing computing device, the first set of one or more draw commands to a rendering computing device for rendering a display of a first web page, wherein the rendering computing device is remotely located, separate, and distinct from the executing computing device; receiving, by the executing computing device, user inputs representing an action of a user of an instance of a local application on the rendering computing device with the first web page, the local application instance and the remote application instance cooperatively providing an application isolation session isolating the local application instance from malicious changes to the remote application; determining that the user action is directed to a target absent from a whitelist; determining that the user inputs representing the user action includes a trigger event of one or more trigger events determined based on a role associated with the user responsive to determining that the user action is directed to that target absent from the whitelist, the trigger event including a predetermined number of keystrokes satisfying a character variety requirement; responsive to determining that the user inputs representing the user action includes the trigger event, evaluating one or more characteristics of one or more fields in the rendering output of the remote application instance to detect one or more candidate sensitive information fields in the rendering output of the remote application instance on the executing computing device; evaluating one or more values of the one or more detected candidate sensitive information fields to determine that the one or more values include candidate sensitive information; generating one or more secure versions of the determined candidate sensitive information based on the evaluation; comparing the one or more generated secure versions of the determined candidate sensitive information to one or more stored values to verify that the determined candidate sensitive information includes actual sensitive information; and responsive to the comparison, preventing the verified actual sensitive information from being provided from the local application instance or the remote application instance to another application or computing device. 2. The non-transitory computer-readable medium of claim 1 , wherein the actions further comprise: before receiving the action of the user of the instance of the local application on the rendering computing device: detecting one or more key event listeners in script loaded in the local application instance or the remote application instance; and disabling the one or more detected key event listeners. 3. The non-transitory computer-readable medium of claim 1 , wherein the target is one of a second web page or an email address. 4. The non-transitory computer-readable medium of claim 1 , wherein the trigger event includes a form submit event. 5. The non-transitory computer-readable medium of claim 1 , wherein a total number of the one or more detected candidate sensitive information fields in the rendering output of the remote application instance is less than a total number of input fields in the rendering output of the remote application instance. 6. The non-transitory computer-readable medium of claim 1 , wherein evaluating the one or more values of the one or more detected candidate sensitive information fields comprises: evaluating the one or more values of the one or more detected candidate sensitive information fields for compliance with one or more enterprise sensitive-information rules; determining that the one or more values of the one or more detected candidate sensitive information fields comply with the one or more enterprise sensitive-information rules; and determining that the one or more values include candidate sensitive information based on the determination that the one or more values of the one or more detected sensitive information fields comply with the one or more enterprise sensitive information rules. 7. The non-transitory computer-readable medium of claim 1 , wherein comparing the one or more generated secure versions of the determined candidate sensitive information to one or more stored values comprises: providing the one or more generated secure versions of the determined candidate sensitive information to an enterprise authentication service; and obtaining from the enterprise authentication service an indication that the one or more generated secure versions of the determined candidate sensitive information have been verified to include actual sensitive information. 8. The non-transitory computer-readable medium of claim 1 , wherein comparing the one or more generated secure versions of the determined candidate sensitive information to one or more stored values comprises: comparing a generated secure version of a first portion of the determined candidate sensitive information to one or more values that are stored on the rendering computing device or the executing computing device to determine that the generated secure version of the first portion of the determined candidate sensitive information includes actual sensitive information; providing a generated secure version of a second portion of the determined candidate sensitive information to an authentication manager; and obtaining from the authentication manager an indication that the generated secure version of the second portion of the determined candidate sensitive information has been verified to include actual sensitive information. 9. The non-transitory computer-readable medium of claim 1 , wherein the actions further comprise: providing to the user an option to request that a whitelist include a web page that caused the remote application instance to provide the rendering output; obtaining user selection of the option to request from the user; and responsive to the request being granted, determining that the user action fails to include the trigger event during a subsequent occasion in which the web page causes the remote application instance to provide the rendering output and allowing the verified actual sensitive information to be provided from the local application instance and the remote application instance to a web host of the web page. 10. The non-transitory computer-readable medium of claim 1 , wherein the actions further comprise: notifying the user that the verified actual sensitive information includes one or more enterprise credentials that are prohibited from being employed with non-enterprise accounts, services, or web pages; and requiring the user to change credential information associated with the user and a non-enterprise account, service, or web page associated with the trigger event. 11. The non-transitory computer-readable medium of claim 1 , wherein preventing the verified actual sensitive information from being provided from the local application instance or the remote application instance to another application or computing device comprises clearing or modifying one or more portions of the verified actual sensitive information. 12. The non-transitory computer-readable medium of claim 1 , wherein the local application instance on t