Never, really giving it much thought; I, like many others, insert a USB drive into my company PC, highlight a company folder with confidential information; drag…copy…paste to the little, portable and infamous USB flash drive that we’ve all come to depend on for easy sharing of information with others. Later; Hmmm! I can’t find it! Where is my USB Drive?
Just how many companies out there worry about external security breaches but don’t think about their own internal organization?
A recent survey of 302 IT decision makers in the U.S. and Canada (Conducted by Harris Interactive on behalf of Imation) revealed nearly 37 percent of IT decision makers report unintentional exposure of corporate data through theft or loss of removable devices in the past two years. 91 percent of companies allow removable storage devices on their corporate networks, but only 34 percent enforce encryption on those devices.
In addition, 81 percent of the U.S. and Canadian IT decision makers reported that their companies have a policy regarding the encryption of corporate data on employees’ removable storage devices; however, only 34 percent enforce encryption on both personal and company devices on their networks, and only 35 percent enforce encryption on company issued devices. Twelve percent leave it to the user to enforce encryption.
Of the 91 percent of storage devices allowed on U.S. and Canada corporate networks, 83 percent of users use USB flash drives as one of their devices. No encryption, no policy or no enforcement of the encryption policy. So, how does a company easily and affordably start getting control of what their own employees plug into their corporate PCs?
In the new mobile era, USB monitoring and defense is becoming more important with the increasingly use of USB storage devices as it has created a new security breach in the corporate network; your own internal organization! The operation of copying a file to a flash drive can, literally, take just seconds. And, so can losing it! IT organizations can consider a few different types of options to reduce the risk of security breaches and the compromise of corporate data through USB devices:
- Entirely shut down all USB ports
- Ignore the issue
- Spend a lot of money on a Data Loss Prevention (DLP) solution
Any way you look at these types of options, you’re taking the chance of reducing productivity, making the user unhappy, just asking for security breaches or explaining to your boss why you’re going over budget on a solution that is way over-needed.
A USB defender will allow IT to set rules on what types of USB devices are allowed on the network, usage monitoring, alert/block and record all files that a user is copying to the USB. This type of option will keep productivity up, keep your users happy, block security breaches and with the right product, stay within your budget.
Are you one of those companies who only worry about external security breaches? THINK AGAIN!
SolarWinds award-winning Log & Event Manager provides Log collection, aggregation, and correlation along with a unique active response and USB defender technology. A free 30-day trial is available here.
Debbie Russo is SolarWinds’ Product Marketing Manager. Debbie has over 10 years of experience in developing and implementing successful direct and indirect marketing strategies for high-tech companies ranging from start-ups to Fortune 100 organizations.