How to securely use USB flash drives
14 February, 2020
USB storage devices have long been an epidemic to companies’ data security. Since 2008 when a malware-infected USB flash drive caused the worst breach folks military computers in history, organizations became more conscious of the risks USBs pose, but data security strategies rarely deal effectively with them.
The reasons for it are fairly simple: USB drives tend to go away the confines of company networks where security policies are at their strongest. USBs are small and, therefore, easy to lose, forget, and steal. Employees can connect personal USBs or flash drives of dubious origin to their work computers. Third parties can connect infected USBs during a moment of carelessness from an employee travelling for business.
While a knowledge breach by itself are often disastrous for any company’s reputation and bottom line, within the age of the GDPR, data protection legislation makes the results even more severe. When a careless employee lost a USB with over 1,000 confidential files, including sensitive security and private information, Heathrow Airport was fined £120,000 by the united kingdom Information Commissioner’s Office.
With the risks so high, some sectors have chosen to ban USBs altogether, but there's no denying their usefulness on the go where they're often wont to copy presentations, important documents needed for meetings or off-site printing. So how can companies still use USBs, but ensure they're protected against the most important risks that accompany them? Let’s have a look!
Educating Employees
A popular social engineering technique to infect computers relies on individuals’ curiosity or desire to assist others. If someone finds a USB during a public place, he or she might want to return it to its owner or would be curious to ascertain what's thereon . A seemingly harmless lost USB are often riddled with malware, infect a computer, and, if it's a piece laptop, once it returns to the office, it can continue to infect the entire network.
It is, therefore, essential that employees understand the risks of unknown devices and are discouraged from connecting suspicious USBs to their computers, whether reception or while working. Poor security practices reception can cause unknowingly infected personal USBs connecting to the corporate network. A well-informed workforce is more conscious of the risks USBs pose and are better equipped to react if they're faced with a suspicious device.
Limiting the utilization of USBs
Some companies prefer to limit the utilization of USBs. this will be done through specialized software that permits organizations to regulate a computer’s USB and peripheral ports and monitor, lockdown, and manage devices that hook up with endpoints. during this way, companies can make sure that only trusted devices can hook up with a computer. Trusted devices are often USBs issued by the organization or reliable vendors or only secure devices like those using encryption.
These policies, if applied on the endpoint, also will work remotely, ensuring that computers are protected when outside the security of the corporate network
Encryption for USBs
When it involves company-issued USB storage devices, organizations should consider encryption as a simple thanks to protect any information saved on them. during this way, albeit USBs are lost, forgotten, or stolen, the knowledge on them can't be accessed by outsiders without a password, eliminating the danger of a knowledge breach and therefore the hefty fines that accompany it.
Some tools, like Endpoint Protector’s Enforced Encryption solution, are often deployed automatically by admins to all or any trusted USB storage devices once they are connected to a network computer. Once it’s installed, any data copied onto the USBs are going to be encrypted with government-approved 256bit AES CBC-mode encryption.
Other features include the likelihood to reset passwords remotely just in case they were compromised, limiting the amount of times someone can insert a password also as expiry dates for them.
In Conclusion
USB storage devices are a frequent and highly dangerous blind spot in data security practices. Companies must develop data protection strategies that also address their vulnerabilities as devices through which data transfers occur, but also their increasingly common role in cyberattacks. By, among others, employing a system of trusted devices and applying encryption to files transferred onto USB storage devices, organizations can effectively mitigate the risks that accompany their use.
Source:
TAG(s):