dlafferty
asked on
How could a small firm detect a large group of files being copied to USB or offsite device
I am looking for an easy and cost effective way to be notified in the event that files are copied to a USB drive or other offsite device. We have a Windows 2008 R2 server with a few file share folders and 10 users. I would like to see a clean report of who access what file and when and see if mutiple files ever get copied to a USB drive.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
1) enabling auditing on the shares, will record who accessed/modified/etc. files in the share.
2) using a GPO to disable storage based USB devices, will prevent recognition of USB devices in systems. Symantec end Point and possibly other enterprise type anti-virus/security include an option to record events i.e. usb storage insertion and file copying to it.
3) as to copying files offsite through the internet can only be controlled through the control of access to the internet (proxy server, etc. that limits the destination) the person can always email,
With the proliferation of cloud dropbox, etc.
One option is to use a document management system that requires individuals to check out documents.
Depending on your concern, there are other ways, printing it out, copying the screen, etc.