I just have a request from the upper level to block copying data from a usb key to our system or network drives. I already have C: (system drive) blocking, but my boss now wants to block a usb key copying to our system. Any help or idea is appreciated.
Blocking Read would be simple, but we want them to be able to read from the usb key just not copying to the network drive or local disks. I know there is only Block, Monitor, or Read Only on the device control. I need another option to allow read, but no copying. Is there a such option?
I don't see how that could be achieved - for example, what if you open a word document on the stick, you want DLP then to stop you writing said document somewhere else?
It would be understandable if we based the behaviour on the content, but the "origin" is lost once the data is in the resulting application.
I told my upper level that it's impossible to block them from copying file to the destination. He wants me to investigate if there is anything out there can do that. ex. if some one walks in with usb key to do the presentation to us and if they try to copy a file to our drives it will be blocked. I'm at the end of the road for answer to this question. We do have anti-virus scan running on all our servers and workstation, locking local disks on worksations.
you can restrict what devices can be used with Device Control or HDLP, and you can restrict movement of data to sticks etc, but you are wanting to allow read and not save - that's pretty hard. If you wanted to block read that would be easier.