Hi Tamoor,
If you are using cloud mail protect and the user is using an app say o365 app to send the email then the mail will be routed through the connector to the cloud dlp. The cloud DLP will detect the mail if the user is sending confidential files.
If you are worried about the user transferring confidential files from the network to there mobile device by plugging the phone into the workstation then you could use DLP endpoint agent and and block files being transferred to usb devices. This would stop the user transferring files and emailing them off there mobile dsevice using a personal account.
However if the user has the office 365 app installed on the mobile device and they download the attachment to there own personal device and forward this on using a 3rd party app then there is no real way to stop this.
The best way to stop these kind of things would be for the company to issue company phones and use some kind of device management to stop 3rd party apps being installed and files being downloaded. The issue we are faced with today is that a lot of people use there own personal devices for communicating for there work. Symantec don't extend the agent out to mobile devices, although i have a feeling in the near future they will make this a feature.
I hope this helps a little. If you have any more questions feel free to ask away.
Thanks