If a user has a laptop that is not part of our domain and therefore has no DLP agent or is using an OS like Windows 8 on our domain that has no DLP agent support, what tool will create incidents against the user mapping a drive to the file server and then copying sensitive data?
The user will have a domain account so they can access the file share by mapping a drive, but since the user does not have a DLP agent installed on the computer they are using, there is no way for them to see any warning message about it.
Would an endpoint agent need to be installed on the file server? Even if there were an agent on the file server, the user would not be able to see any DLP messages since they do not have an agent on their PC.