Sentry3FIPS_900x900-500x500The USB drive is everywhere- they can be purchased at every check out counter from office supply stores to convenience stores.  They are portable, small and can hold a relatively large amount of data and make data transport a breeze between office or school and home.  But with portability comes inherent security challenges.

USB device theft, accidental loss and the spread of malicious code can lead to data breaches, compromised customer information, loss of intellectual property and a loss of consumer and even stakeholder confidence. Unsecured and unmanaged USB drives have the potential to becomes digital weapons, as they are the perfect vehicle for delivering malicious programs and viruses. Unsecure USB drives can easily have their firmware rewritten, thus enabling them to inject code into every computer they come into contact with.  Often the owner isn’t even aware that their USB device has been compromised, so they continue to share the infected USB drive.

It may surprise you to know that only 50% of companies have a USB device usage policy, and only about one-half of those companies actually enforce their policies (The State of USB Drive Security, Ponemon Institute, sponsored by Kingston, July 2011).  If you don’t have a data security and management plan in place…you’re not alone.  But- there are things you can and should do to take immediate action! Properly managed, secure USB drives can be a useful tool for companies, and whenever that data becomes portable, a comprehensive plan becomes paramount to the success of data security.  There are several things to consider as part of your planning:

  • How do we get devices connected to a server and under the control of management?
  • Who is ultimately responsible for the devices?
  • Is the end solution compliant with legislation and the organization’s policies?
  • Does the security solution “make sense” for the real world?
  • What does the future hold for this technology?  Is it likely to be supported in years to come?
  • Does our strategy secure ALL of our digital assets, including secure USB drives?

Hardware encrypted USB flash drives are an essential component of a comprehensive data loss prevention (DLP) strategy. DataLocker offers both FIPS 140-2 level 3 devices and standard secure USB flash drives.  All secure USB flash drives from DataLocker can be managed by the SafeConsole central management system which offers enforcement of password policies, remote password resets and audit for compliance and much more.  For additional information or to learn more about our products, please contact us.

Developing a strategy to deploy and secure all digital assets along with implementing the right central management system will create a seamless, secure workflow solution.  It is incumbent upon organizations to mitigate the potential for a USB data breach, which could cost millions in the long run.