Policy guidance how to create the exception for the usb access for the official?
Hope it be help you
For USB
https://www-secure.symantec.com/connect/articles/create-white-list-usb-disk-dlp-agent
For Email
http://www.symantec.com/connect/articles/create-dlp-policy-add-exception-ignore-emails-send-internal-users