USB memory - small businesses' weakest link?09 May 2006
The nature of the modern business world means that managers and staff alike are often required to work on the go and not be permanently based in one location.
It is mainly for this reason that the popularity of portable media devices has grown in recent years, with mobile phones, laptops and PDAs now considered staple items of an employee's kit.
Also counted among the mobile worker's equipment are USB (universal serial bus) data storage devices, sometimes known as USB memory sticks or USB flash pens. Although these devices allow considerable amounts of data to be easily transferred between PCs, a new government-backed survey has warned businesses that improper use could result in serious consequences.
Not so smart
Last month the Department of Trade and Industry published the results of the Information Security Breaches Survey 2006, which suggested that large and small companies were being too lax with USB memory sticks and smart phones.
Research found that businesses were putting themselves at risk by doing nothing to protect the data frequently stored and transferred on the USB memory sticks.
Despite one-third of companies claiming to prohibit their use, a very small proportion of businesses do anything to enforce banning USB devices and only one in ten take steps to encrypt the data stored on them.
The root of the problem appears to lie in the iPod generation, with people happy to go about their daily lives carrying huge amounts of private data in MP3 players and digital cameras.
However, employees have been found to frequently store both personal and business sensitive information on the same devices, which can lead to serious problems if the devices were mislaid.
A separate survey by software developers Centennial found that two-thirds of people regularly lose their USB devices and that three-fifths of the mislaid memory sticks contain business critical information.
Matt Fisher, vice president at Centennial, explained that many businesses were underestimating the likelihood that memory sticks could be lost.
"This perception of USB storage devices being disposable is a massive risk to organisations' business data," he said.
"Losing control of a USB stick containing company secrets, even if only for a couple of hours, creates a serious risk of data leakage, identity theft and malware propagation. Everyone worries about the security of their laptops, but a USB drive can be even more valuable in terms of the information stored on it," Mr Fisher added.
USB yes
- Considerably more resilient and robust than other portable storage devices such as CDs and floppy disks.
- Vast majority of modern computers have USB ports.
- Can store up to several gigabytes worth of data.
- Data can be stored for up to ten years.
USB no
- Small size means easy to lose, steal or be used for malicious purposes. Many government departments and major companies ban the use of USB devices for fear of harmful use.
- Data can be replaced a limited amount of times.
- Although more vigorous than CDs, data loss can still occur via structural damage.
Post a comment
As usual, we would be delighted to hear your comments or questions about this article. Comments may be published on this or any other BT site.
