Nigel ThorpeTechnical Director
Mistakes humans make with data – Mistake #3: USB sticks
10 Dec, 2020
Beware the USB stick
USB media offers a fast, simple way to transport, share and store data when an online transfer isn’t possible or easy. However, their highly accessible and portable nature can at the same time make them a complete business security nightmare with data leakage, theft and loss all too common. Then there is the risk of a malicious USB stick infecting a machine and providing a back door into the corporate network. Just in early November, tax returns contracts and bank statements were among ‘deleted’ files recovered from USB drives. Cybersecurity researchers from Abertay University discovered in the region of 75,000 files after purchasing 100 of them on an internet auction site.
The growth in remote working appears to have compounded these issues. According to recent research by Digital Guardian, there has been an increase of 123% in the volume of data downloaded to USB media by employees since the start of COVID-19. This suggests many of us have used these devices to take home large volumes of data. That means there are hundreds of terabytes of potentially sensitive, unencrypted corporate data floating around at any given time.
Fortunately, effective implementation of USB control, along with encryption can significantly improve protection against the inherent dangers. There are techniques and practises which can be used to secure the access of devices to USB ports. These form a key part of endpoint security, helping to protect both computer systems and sensitive data assets from loss and security threats that can be deployed via physical plug-in devices.
There are many ways USB control and encryption can be implemented. You could block the use of the devices completely, by covering up the endpoint ports, or by disabling their adapters throughout an operating system. However, with the vast number of peripheral devices relying on USB ports to function, including keyboards, chargers, printers and more, this will not work for many businesses.
So, a better solution is to use encryption, which protects sensitive data itself, meaning if a flash drive is lost or stolen, its contents still remains safe. This can be done by purchasing devices which have encryption algorithms built into them, or better still make sure all corporate data in encrypted all of the time – when stored, when in transit and when in use. That way, no one has to worry or decide which files must be encrypted before transferring to a USB device.