I think within the USB Device control it would be good idea to have a logging facilty where it logs against the computer name what are the file names put onto the USB stick to allow a complete auditing of what users within a company are taking off the internal network and whether they acturally have authorisation to do so.
I think there should also be a button to which you can suddenly block there control as well if you feel the information taken was un-just.