diff --git a/Install-PromtailOnWindows.ps1 b/Install-PromtailOnWindows.ps1
index d4f88c4..24ecbf7 100644
--- a/Install-PromtailOnWindows.ps1
+++ b/Install-PromtailOnWindows.ps1
@@ -335,6 +335,17 @@ $logDetails.Enabled = $True
 Set-LogProperties -LogDetails $logDetails
 Get-LogProperties 'Microsoft-Windows-DriverFrameworks-UserMode/Operational'
 
+## The below line will update the group Policy to enable the removeable storage audit, if GP edit exists
+
+if (Test-Path 'C:\Windows\System32\gpedit.msc') {
+ Write-Host 'Enabling Group Policy - Audit removeable storage.'
+ auditpol /set /subcategory:"Removable Storage" /success:enable /failure:enable
+}
+else{
+ Write-Host 'c:\Windows\System32\gpedit.msc does NOT exist, Exiting on safety grounds'
+ exit
+}
+
 $downloadUrl = "https://github.com/grafana/loki/releases/download/v2.9.5/promtail-windows-amd64.exe.zip"
 $downloadWinSWUrl = "https://github.com/winsw/winsw/releases/download/v2.12.0/WinSW-x64.exe"
 $winSWFilename = "WinSW-x64.exe"
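Review bot: The `else` branch ends the whole installer with a bare `exit`, which returns status 0, so on a host without `gpedit.msc` the run looks successful although Promtail is never installed and no logs are shipped. The `Test-Path` gate checks for the Group Policy editor snap-in, which `auditpol` does not depend on; what the call needs is an elevated session, and its result is never checked, so a failed policy change still prints the "Enabling" message and leaves removable-storage events unaudited. I would drop the gate, run `auditpol` unconditionally and follow it with `if ($LASTEXITCODE -ne 0) { Write-Warning "auditpol failed with exit code $LASTEXITCODE; Removable Storage auditing is not enabled" }`, or at the very least use `exit 1` in the `else` branch. The comment above the block should also say that this sets the local audit policy rather than Group Policy, that a domain-level advanced audit policy may overwrite it, and that the subcategory is matched by its English display name, which presumably fails on localized Windows builds.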