I want to implement Data Leak Prevention (DLP) system in my company. But my requirement is to implement such a way that normally all documents can be copied outside company through pendrive. But if required, some documents will be encrypted which may be rout / float inside company but if copied outside company network, those will become unreadable.
Is it possible? If possible what is the best solution?