Symantec DLP can fulfill these points

One of our client raise below point. He want to make sure that Symantec DLP and Encryption can fullfill his requirements.

We discuss Symantic DLP, encryption and end point solution andlooking for a solution to achieve the following conditions for Office 365 SharePoint online & On-premise fileserver encryption and security:

1. If a user copies a file from cloud on an external media (USB), as the file will be encrypted and can only be opened on a registered computer/laptop, then risk of unauthorized external sharing of content can be mitigated.
2. Content shared with external entities vendors and others should be time limited, having read-only access; and time limit access to downloaded content/files.
3. Provision is required to revoke access from any Folder, Document of any user or group of users; using proper approval mechanism.
4. Provision is required to centrally manage all access privileges of Folders and documents; a copied document on external media/ to local hard disk/ to email attachment must have a defined shared life; after which it should not be in readable state.
5. Documents movement and/or changes to access privileges and/or sharing with other users or with other departments or external parties, should be allowed with proper authorizations by respective heads of departments.
6. Movement of documents should be restricted to within its parent Folder hierarchy; e.g. a document under finance root folder, cannot be moved to another root folder's sub folder location.
7. Change in any document or set of documents security privileges should require approval from the respective head of department.
8. Any document, the moment it is created/ saved in the cloud, must have full access granted to the owner of document and to his/her head of department, as a default policy
9. Provision to restrict taking screenshots of opened documents.
10. Auditing of all activities performed by all users on any document/ folders must be enabled universally on the file storage;

For each document classification, only a defined list of people should have access; with the provision to give varying degree of accessibility, like read-only, read/write, read/print, cannot use in email attachments etc;

1. automatic encryption of emails body and attachments; view-able by the recipients only.
2. Restrict un-authorized user from accessing file
3. Restrict email from getting copied.