sconeu asks: "The company I work for is going through some growing pains. This is a -good- thing, but due to the growth, some changes are necessary. I'm the guy who does IT and IT policy, however I'm actually a developer by job description -- I was doing IT on the side. Anyways, we're going through growth, and one of the things we are trying to address is security. Currently, our policy is wide-open (for internal machines). The owner has expressed some reservations about the increasing use of flash drives, in an overall security setting. Everyone involved here realizes that there's not much we can do against a malicious employee, but we're looking to avoid accidental data loss from USB sticks, and other solid-state storage media. Has anyone on Slashdot dealt with this issue? What policies and protections did you end up putting in place, if any?"