Progress in new technology, driven by the drop in the price of Nand Flash, has led to a number of small devices that can hold a significant amount of data. The device that epitomizes all of this is the USB flash drive. In 1999 a 16MB USB flash drive cost £ 50, now a 4GB USB flash drive costs just £ 10.

USB flash drives have been a great friend to businesses for the past few years, making it quick and easy to transfer data from one machine to another and bring work home to finish without the need to carry a heavy laptop. However, since flash drives can store ever-increasing amounts of data and transfer data faster than ever, some companies are considering USB flash drives as one of their biggest security threats.

Business use of USB flash drives presents three categories of risk: contracting a computer virus; data loss and data theft. All three are quite serious: a computer virus could wipe out a company’s IT infrastructure and erase its most important files; if the company does not have an effective data backup, this could ruin it; If a company has confidential information and loses it, the company could be found to be in breach of the DPA and could be fined a crippling sum of money, not to mention damage to its reputation; If a salesperson walks away with their entire customer database and gives it to their new company, they will lose at least some customers.

Fortunately, there are some solutions to reduce the chances of companies falling victim to one of the sad situations mentioned above.

 

1. Removing USB ports – Removing USB ports is a pretty severe reaction to this potential threat and is often practically difficult to implement, many companies use USB ports for their mice and keyboards and they should all be changed.

2. USB Drive Encryption – Encryption on a USB flash drive can take one of two forms: hardware encryption or software encryption. Hardware enrollment forms may include only allowing access to the USB flash drive after the user has authenticated their authority using a password, encryption certificate, or biometric authentication (most commonly fingerprint recognition, but sometimes also fingerprint recognition). retina). Encryption of storage media can also be managed through software, two examples are Microsoft’s Active Directory and Novell’s eDirectory, both of which can be configured to use certificates for data stored on USB flash drives.

3. Restrict access to important files on critical servers: As with the entire company, access to information should be granted as needed and taken away from employees as soon as they no longer need it: If you are going to alert someone? Is it worth letting them have access while they stay outside?

4. Monitor company employee access to confidential files – Just because your employees have access to your data doesn’t mean they have rights to do whatever they want. Monitoring your behavior with sensitive data is the best way to spot any unusual patterns and can give you time to act and stop any potential data leaks.

5. Limit the size of data transferred to USB drives – Data transfer restriction software can be used to protect confidential files by limiting the size of files that can be copied to a USB flash drive. The file size limit should simply be set to the size of the smallest confidential files.

6. Enforce USB flash drive policies: Enforce USB flash drive policies can go a long way in reducing the risk of accidental data loss; Policies alone cannot prevent a disgruntled employee from doing harm. Here are some policies to consider: USB flash drives should only be used for data transfer and not for storage. Data should not be on USB flash drives for more than a week. Data should not be transferred to USB flash drives without the prior consent of an administrator.

7. Firewall and antivirus: Viruses can be contracted from USB flash drives as well as they can be contracted with any other type of medium. To stay safe, make sure you have the latest updates installed for any antivirus software you use.

Although removing USB ports is the only 100% safe way to ensure that USB flash drives pose no risk to you, it is not a solution, the benefits of USB flash drives are huge and getting rid of them would be one step. back for computing. By keeping an eye on the behavior of company personnel and using one or more of the security solutions mentioned above, you can protect yourself from flash drive misuse while benefiting from its versatility.