Showing results for 
Search instead for 
Did you mean: 
Level 7

To monitor files copied from USB to PC

Is there any way we can create a rule/check to monitor/capture evidence incoming files that are copied by a user/group from a removable device to the PC.

This rule helps in determining who is bringing non business related data to the organisation.

0 Kudos
2 Replies
Level 11

Re: To monitor files copied from USB to PC

There is a capability when you tag data from a shared location/web application and DLP agent can trigger a reaction rule when user tries to copy the same to endpoint. I don't really think there is an option to monitor everything what else is copied from removable drives to end-point (you can create a rule to monitor all the files copied from end-point to the removable device though). The DLP is designed to monitor classified (sensitive data) that you might loose from your end-point.

- Amiya

0 Kudos
Level 10

Re: To monitor files copied from USB to PC

Strongly recommend reading this blog

and then watching the YouTube videos, they are very informative (Hint:

McAfee has a huge library on YouTube which apparently they dont bother to tell customers about.

I think video 3 covers how to track file copying......we are testing it here.

Its a protection rule, I believe.  The videos are pretty good at explaining stuff that is VERY POORLY covered in the DLP manual.

Let me know if you get it figured out b/c we are on the verge of this ourselves.

0 Kudos