The usage of flash drives or USB removable media is quite common in any workplace; but having a closer look at it, it is potentially an internal security threat. In the past few years, we have seen so many organizations tracking down the loss of sensitive/confidential information to have happened owing to usage of USB drives and other mass storage media. Cyber-security breaches and data theft are making more and more IT leaders paranoid about security than ever before.
Do You Know How Data Leaves Your Organization?
- When your employees plug in USB devices try to back their data up without involving the IT team
- When a disgruntled employee decides to just copy sensitive information and tries to leak it externally
- When an employee’s unsuspecting USB device has a malware in it which can automatically trigger a script or code to install or run on your system and steal data
- Irresponsible usage of the BYOD policies may have a role to play, especially when the devices are used as mass storage devices to transfer data
The Impact: You Get Hurt Pretty Bad!
The loss or theft of sensitive information is not limited to the realm of emails and contacts, but it can also extend to more sensitive information such as:
- Loss of copy-righted information
- Intellectual property data
- Deviation from compliance regulations
- Access codes and secure login credentials
All these severely impact the victim organizations in terms of financial and reputation loss.
Watch this video where John gets paranoid about his experience of becoming the victim of USB data loss sharing any information owing to his past experience.
Don’t Allow Data to Walk Out of the Door – Tips to Stay Secure!
Here are some tips to ensure you keep your data protected on your network, servers and workstations.
- Set up access rules & policies so only authorized employees have USB access
- Ensure to remove sensitive information access from employees once the purpose of using the information is fulfilled
- Do not leave old or unattended data on end-user systems
- Build strong BYOD usage policy and disallow using employee-owned handheld devices as mass storage devices for data transfer
- Monitor the log activity of all your enterprise workstations and USB endpoints
How Does Log Management Help?
Continuous log monitoring of your IT infrastructure will help collect logs from all your workstation endpoints and trigger real-time alerts to notify you of USB activity on the network. With automated incident response available in log management tools, it’s easier to take preventative action and automatically disable USB connection in real time.
Watch out for more posts and security tips throughout this week!