Yes, DLP Endpoint can monitor and block the sensitive data to be transfer to SD card, no matter the laptop is on the cooperation network or off the network.

If a forum post solves your problem, please flag it as a solution. If you like an article, blog post or download vote it up.

Yang: Couple of days back I had an incident wherein data was transfered to SD and it was captured by the DLP, but it was not prevented. Whereas all my data transfer to pen drives are blocked. So is there any special configuration for preventing data transfer via SD card.

yes, You can do the same. But what exactly you wanted to achieve. You completely wanted to block any data transfer to SD card or only SD card Since you can do it by disable by endpoint Protection policy setting .

If you wanted to block only confidenhtail data than you should add class ID of that SD card devices. you should also take help of DLP application monitoring and control feature. 

https://www-secure.symantec.com/connect/forums/dlp...

https://www-secure.symantec.com/connect/forums/usa...

In short the services which helps to copy any data tranfer throgh some device driveres for medium bluetooth, wifi,usb,SD card can be blocked.

@ vstanley : Possibly, the data which was transferred to the SD card was protected under an IDM policy.

Endpoint Prevent cannot prevent the transfer of sensitive data under IDM Policy because it takes time for the DLP to match the sent data with the IDM Profile. However, the Admin or the concerned authorities will be notified with an Incident.