I have a love/hate relationship with USB Flash Drives: I have a few of these Cruzer
Titanium USB drives of varying capacities, but the 16GB version I have on my key
chain has been trodden on (also by my horse, Papillion), dropped in the mud, been
through the washing machine and dryer (I really would not recommend trying this),
and yet has survived to tell the tale! I don’t think even Sandisk would expect it
to survive this kind of punishment. I keep the data secure using the fantastic Truecrypt
software, and have challenged my techie friends to crack it - so far none have managed
it. So, overall I am very happy with my little drives.
Having said all that, their
diminutive size and yet extraordinary capacity makes me nervous...
Okay, they are innocuous devices that do nothing more than help people carry around
their most important files.
Individuals and ALL companies need to remind their employees about safe net use.
A USB drive is an important business tool for a lot of people, the fact that they
are cheap, portable and spacious has helped an increasingly mobile workforce.
But, flash drives are a definite management headache for many if not ALL companies.
Rogue devices
Few companies do not have any idea what was being done with these drives or for that
matter, any other removable media. The security firm Insightix has showed that organisations
can have large numbers of "rogue" devices joining their networks every day. The company
said that, on average, 20% of the devices connecting to a large organisation's network
could be classed as "rogue". Unless organisations know who is connecting to their
network and what they are using, managing what they are doing is impossible.
The head of forensics at Detica, said the roominess of USB drives made them dangerous
devices to leave unwatched.
"The reality is that you can easily buy a very high capacity drive that will hold
an awful lot of intellectual property or government secrets."
"If a security protocol is a hindrance rather than a help then users will try to
avoid it."
"On a well-managed network that's policed properly, it's very difficult for members
of team A to access team B's data."
At the very least, data on USB drives should be encrypted so that should it go astray
there is not much that can be done with it.
So, please be careful of your own data, back it up, be careful about access to your
data, who has access, why they need it, and what can be done with it.
