How to Secure Thumb Drives
DarkReading has recently published an article exploring the methods and reasons why company should secure their thumb drives. The first issue they bring into our attention is whether stolen or lost USB are less often reported (when compared to laptops for example) because companies have learned to protect them or because they are so hard to track, no one has any idea of how many have been lost or ever used within a certain network.
I’d have to say that unless companies cut access to their USB ports or implement a comprehensive endpoint security application, no one will ever be able to tell how many employees have ever used flash drives to carry data to and fro the office and how often they have misplaced them.
Here are a few of the security methods presented by DarkReadeing that a company is presented with and has to choose from when trying to prevent the damages thumb drives entail:
- blocking all USB ports on all network computers – I would say that’s impracticle as instead of benefiting from all advantages of easy portability and storage, a company would force employees to use other methods to carry their project between work and home. And to my mind, it’s harder to secure an entire laptop than it is for a thumb drive.
- Relying on the security software USB producers advertise – could work, given the security is not a marketing scam only. If it’s not, what is offered, points out DarkReading, can be quite limited
- A hybrid approach mixing advanced data encryption with a system to allow only certain pre-aproved USB drives.
- Using cheap drives and open source encryption technology, but only when you really trust your employees. I’d say this is a bit futile, as if trust is what you base the security policy on, why implement it in the first place? Security is not a matter of trusting or not trusting personnel. It’s a matter of noticing breaches can happen to anybody and that all employees are human and can easily err. Or get really mad at you and hurt your business on purpose.
