How can I prevent users from stealing files from our company by copying to pendrive, email, etc..?

Posted on 2014-09-29
Last Modified: 2014-10-13
We have a Lan of about 80 Windows XP Pro  and Windows 7 Pro clients which connect to 4 Windows servers; two Windows 2003 R2 Standard and two Windows 2008 R2 Standard. I don't have a domain, we have a Workgroup configuration.

We have files and folders we share with the clients, mostly pdf's, Word, and Excel documents. Our files contain Internal Procedures that our users refer to every day, but we don't want them to be leaked outside of our organization.

How can I prevent users from stealing these files from our company by copying to pendrive, email, etc..?

Thank You!
Question by:pcelements

Accepted Solution

valmatic earned 250 total points
Comment Utility
gfi endpoint security is a nice tool to stop leaks. Check it out.
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 250 total points
Comment Utility
have a couple of customers running this:

lets you either refuse to allow users to mount removable media, or force encrypt removable media (so it works fine in the machine, but is unreadable on any machine not part of your corporate managed machine set)
LVL 53

Expert Comment

Comment Utility
This question is seen here every now and then.
The discussion mostly shows some technical measures, but in the end, it comes down to "you can't".

As soon as you allow them to carry a mobile phone, they can make photos of their screen, they can scroll through documents and film it. They really don't need usb or mail to get the data out. Of course, as soon as printing is allowed (and not closely monitored), they can take away hard copies as well.

So feel free to restrict what you can using usb-/removable media restrictions, content inspection for internet data traffic and so on, but be assured, that all they can read can get out, so best would be to restrict who can see what as closely as possible.
LVL 33

Expert Comment

by:Dave Howe
Comment Utility
@McKnife: that is true in general of course, but in this case, the OP specifically asks about preventing copying the files to media or email :)

Author Closing Comment

Comment Utility
Thanks! I will try both and see which one works for me.

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now