USB Flash Disks: A modern day business curse?

Is the small USB drive that’s resident in many professionals’ pockets these days actually housing a major security threat? We investigate…

USB Flash Drive

On-site technical support is, as the majority of IT staff will happily tell you, a succession of running battles at the best of times, without the input of unwelcome surprises.

Yet, over the past few years, the market has seen an explosion in the number of USB flash memory sticks in people's possession. Where once they were a nice gadget, a flashy accessory, they've increasingly become a day-to-day storage solution that a greater number of people are relying on.

Part of the reason for this explosion in ownership and use is cost. Even corner shops have been known to have a 1GB stick on sale, rarely costing more than a tenner or so. In fact, one British stationary chain was selling a five pack of 1Gb sticks for 20 this past weekend.

Then there's the fact that modern computers universally accept them, in the vast majority of cases not even demanding a driver installation to do so. But the other factor is the sheer convenience of carrying everything round, be it pictures, work, large presentations or whatever, on something that laughs at the physical size of an optical disc.

Call SecurityAnd yet with great convenience comes great problems, as the USB flash disk is proving to be a security nuisance of some gravity.

The first and most obvious reason for this is the disks themselves. While more premium models come with some form of in-built protection software, so that at least you can password-protect or encrypt the contents of the disk, the majority don't. Furthermore, even when people tend to have the option of protecting their data, it's not one that they tend to explore.

As such, flash memory disks, often containing vital business information, are proving to be a real threat. After all, any data stored on a network has levels of protection that will at least keep all but the most determined data bandit at bay.

Yet one pickpocket, or one disk falling out of a pocket on a bus, and that could be every security barrier gone in a quick second (and let's face it, how many of us have seen a flash disk lying around at some point, with no clue as to who the owner is, or their whereabouts?). The secondary issue tends to be that many also don't back up the data on a flash disk with any regularity, so even if the lost data doesn't fall into the wrong hands, there's no recent copy to fall back on.

Network administrators can spend huge sums of money on implementing adequate security, and plenty of time on educating users on the importance of protecting data, yet one small device the size of an eraser can make all that work moot. No wonder a growing number of companies are introducing a blanket ban on them.

MalwareBut there's another problem too: that USB flash disks are a Trojan horse for bringing all sorts of malware right into the middle of an organisation.

This is rarely intentional, of course, but again it comes down to the fact that a USB disk tends to be used in an environment outside of a company's control.

Thus, it could be used on an individual's home computer whose defences aren't watertight, and that provides a path for malicious software to end up on the disk. Also, users even if the USB disk is provided by their business inevitably use it for personal reasons too, such as moving music and movies around. The same is true the other way round too, that personal drives are being used to move around business data. Any mix of personal and business usage on a single drive raises a flag, but this is happening in a way that is simply impossible to monitor.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

Cryptocurrency crimes have increased 12-fold since 2016
cryptocurrencies

Cryptocurrency crimes have increased 12-fold since 2016

22 Jun 2021
NSA releases guidance on voice and video communications security
Voice over Internet Protocol (VoIP)

NSA releases guidance on voice and video communications security

18 Jun 2021
Ransomware criminals look to other hackers to provide them with network access
ransomware

Ransomware criminals look to other hackers to provide them with network access

17 Jun 2021
CVS Health data breach leaves a billion records exposed
data protection

CVS Health data breach leaves a billion records exposed

16 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
Q&A: Enabling transformation
Sponsored

Q&A: Enabling transformation

10 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021