[SOLVED] Computer System that Restrict Data For Going Out Of The System

[dualkeyboards]

hi, i was asked by my boss to find some info about computer system that can restrict client for bring out data out of the system. he wants to restrict the employees for bringing home some data or such as leaking it out.
i was thinking about diskless system, but do they still be able to copy things to USB storage or uploading them to cloud? i am working at CNC company and some of the drawing data is confidential

 

[bill001g]

Although there are likely specialized programs the most common way to do this is with microsoft group policies.

You can put many restrictions on files and do things like disable USB ports. Since the users do not have admin access to the machine they can not change this and even with admin access it is hard to undo group policy stuff.

You will have to strictly limit what sites the machine can get to. I can't see a way you would prevent someone who has a right to look at a file from doing a cut and paste to a site like this one.

Best option tends to be completely isolate machine that have sensitive data with no ability to access the internet. If internet access is needed it is done from a different machine that has no access to the sensitive data.

Still someone who is determine will get what they want. They can easily just take a photo of the screen.