A study conducted by the Ponemon Research Institute called “ The State of USB Security” found that majority of organisations that participated in the study are not aware or don’t fully understand the risk employee negligence could pose due to lenient USB drive use in the workplace. This means that organisations also fail to secure USB drives used in the workplace. According to the participating organisations, their primary reasons for lack of USB security include reliance on the trustworthiness and integrity or employees, thinking that they’re not really at risk, and uncertainty concerning monitoring the use of USB devices in the workplace.
The Effects of Unsafe USB Practices
The study likewise found that the participating organisations have experienced significant losses due to USB drive-related data breaches. According to the study, the participating organisations lost over 12,000 records on employees and customers due to missing USB devices. With this in mind, below are USB security practices you should implement to avoid suffering the same fate as these organisations.
Research Your Options Before Purchasing
Every USB drive is different. Some have preconfigured or preinstalled security features such as encrypted USB sticks. Likewise, note that certain companies and brands are more sophisticated and secure than others. That said, check out reviews online and ask other business owners for recommendations.
The Use of USB Devices Must be on a Need-to-Use Basis
Consider disabling storage devices and USB functionality on computer systems that could access your company’s sensitive data. This would reduce exposure and limit the risk of access to and theft of your sensitive information.
Prevent Cross-Contamination
Majority of security breaches related to USB device use are because of infection from another device due to cross-contamination. Educate your employees on safe USB drive practices. For starters, tell them to never insert a USB stick into unknown computer systems or devices and never use unidentified USB drives on company computer systems. If they must do so, they should first run a malware scan and ensure that the device is 100% clean.
Consider Buying USB Drives with Advanced Features
Some USB drives feature remote management functions including remote lock and remote wipe. While others also have very strong and multilayered password protection, stringent re-entry restrictions, as well as functions for disabling potable apps. Other could even be programmed to self-destruct. Some features that are also great to have include geotagging and event logging so that information on which computer and where the drive was used would be documented.
Use Passwords for Individual Files
While very simple, this tactic is very easy to do and offers an extra layer of protection for your organisation. You could password protect Microsoft Office files that you store in a USB stick simply by designating a password for each file when saving. You could likewise do the same sections or entire folders on your USB stick on newer Mac and Windows operating systems.
USB drives these days are becoming more and more advanced, but so are cybercrimes and malware. Fortunately, using common sense and employing the USB security practices above could save you a ton of grief and resources later on.
