Do you know how most personal and business data breaches happen? Lost laptops, portable hard drives and USB drives.
Now many of us have some kind of security practice in place for lost computers and USB drives, whether it’s encrypted drives with remote wipe, or a call lost-and-reporting procedure. But how many of us having USB drive best practices on the books? Not many.
Yet USBs, because of their size, are more likely to be lost than laptops or smartphones. And loaded with sophisticated malware and virus, USB drives have been used to penetrate some of the world’s most sensitive networks, from the Department of Defense on down.
The worst military breach in U.S. history occurred a decade ago, in 2008, when a USB flash drive, containing malware, infected the network and resulted in the Department of Defense’s sensitive information being leaked.
USB drives are popular for storing and transporting data easily, but at the same time, this features make them convenient for hackers to introduce security risks. Mostly because an attacker needs physical access to your device in order to infect it.
This event was a wake-up call for many in the cyber security space, and efforts have been made to expose the risks that these flash drives create.
So how do you prevent against lost data or network intrusions associated with USB storage devices or thumb drives?
Here are the best practices for protecting your USB drives,
1. Be careful where you purchase your USB drives from, as some shady third party manufacturers are known to manufacture these devices with malware on them. Always buy your flash drives from reputable, well known manufacturers as well as sellers.
2. Use encrypted USB drives, there are several ways to perform encryption on USBs. You can either purchase the USB flash drives that are hardware encrypted Or you can install specialized encryption software on your USB flash drive.
3. Don’t plug unknown USB drives into your computer, USB Drives that are found in public may be infected with malware or can be purposely configured to download a malicious program onto any computer the USB drive is plugged into. Opening unknown files from unknown sources puts both your computer and your critical information at risk. So do NOT plug it into your computer to see what’s on it.
4. Don’t use the same USB drives for personal and work computers, as you may end up with copying your personal sensitive information to your work computer or vice-versa.
5. Keep the internet security, anti-virus, malware detection softwares on your computer up to date, since software updates are very crucial for the security of your computer, as they patch known vulnerabilities.
6. Regularly audit your USB device, remove any unneeded old files and possibly, use any data wipe-out tool to delete your data permanently.
7. Make sure to scan your USB first, whenever a thumb drive is plugged in. This can help ensure no malware or malicious programs are on the drive.
8. Take regular backups of your USB devices, ensure that backups are properly safeguarded. It’s also another excellent way to keep track of what information is being moved to and from the device.
9. Use USB drive on a need-to-have basis, it will limit exposure and reduce the risk of your critical data being transferred away from you.
10. Have a limited count of the USB devices, list them by purpose and use safely and securely.
Usage of portable media storage devices are still significant in our day to day contemporary life. Ensuring proper data protection with a best practices offers significant risk reduction and can prevent data breach. Good Luck, Stay Safe.