USB Drive Security

Edward Snowden, the man who recently leaked NSA secrets to the press, allegedly used a USB thumb drive to copy secrets about the PRISM spy program from the US National Security Agency (NSA).

Thumb drives, while very convenient for many purposes, are a huge security risk.  They can be easily lost, exposing your information to whomever finds it.  And, they can be used to infect computers with malware.

But perhaps the biggest risk is that a trusted IT vendor or employee will download gigabytes of information, pop the thumb drive in their pocket and walk out the door with it.  To protect your company there are several options:

Some companies have gone as far as using silicon caulk to fill in the USB ports on their computers.  This obviously prevents the use of thumb drives, which may not be practical if you have a company that needs to download large files for PowerPoint presentations, etc.

Other companies have begun using alert systems, that alerts the IT department or both the user and the IT department when someone is trying to copy files to a thumb drive.  The user is generally prompted to call IT for permission.

Most companies however are using encryption software, which allows the free use of thumb drives, but renders the information meaningless without an encryption key which must be requested from security or management.

We recommend the use of an alert system.  Encryption is also a good idea, but encryption can be broken without a key by sophisticated hackers.  With the alert system, there is a record of attempts to access information.

Advertisements
USB Drive Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s