I have been searching the net for a while on how to disable USB flash drives via GPO, most of the information I have found is to disable the autorun function; this is however not what I am looking for.
The company I work for considers it's data to be very sensitive and would like to prohibit any employee (apart from top management) from using a flash drive and/or be able to copy data from the server to their PC's. I know I can disable USB ports via the BIOS but that would mean that mice and keyboards would also stop working.
So, in short, can anyone point me in the direction of some useful information regarding GPO and the restriction of moving/coping data off the companies file server? We are running Server 2008 R2
Thanks in advance.