SALES & SUPPORT 844.600.0075

6 Tips for Keeping Your Organization Safe with Portable Media

Virus ThumbdriveWe've all used USB Thumb Drives / Memory Sticks. In fact, you probably have a few in your desk drawer or computer bag. And, if you're like most people, you haven't realized how risky the use of these devices is for your data and your organization.

We asked Joe Dylewski of ATMP Solutions, a Michigan-based firm specializing in compliance for HIPAA, ISO 27001, NIST and other technology and data related regulations, about the risks associated with the use of portable media. Here's what he had to say:


"Over the last 20 years, storage and portable media technology has evolved and decreased in price. The usage of portable media has increased as it has become an easy method of moving files and backing up data. However, with the portability of information, risks have surfaced.

Examples of “Portable Media”:
  • USB Memory/Jump Drives/Memory Sticks
  • SD Cards – used in cameras, mobile phones and tablets
  • External Hard Drives
  • CDs/DVDs

There are a few key points to consider when using portable media:
  • Data Loss – because the capacity of portable media continues to increase, the ability to move mass amounts of sensitive data, and the risk, also increases proportionally.
  • Introduction of Malicious Code – a significant amount of infectious code is transferred using portable media.
  • Theft – due to the size of the portable media, it is very easy for a malicious actor to pick up one of these devices unnoticed. Often, these devices are left on our desk, in our car, or in an unsecured area.

When using portable media, consider the following safeguards:
  1. Avoid using unidentifiable storage devices – never connect or insert unidentifiable portable media to a workstation, tablet, laptop, phone or other computer. If it is not your device and can not be specifically identified, allow your IT department to thoroughly scan and investigate the contents. This can and should be done in a segregated, secure environment.
  2. Allow your virus protection software to scan portable media - your anti-malware software should be configured to automatically scan any device that is connected to your computer
  3. Disable the autorun features – often, malicious code is inserted in the programs that execute from the auto-run feature. Disable this functionality and allow your software to scan the device before executing any program.
  4. Keep business and personal data separated – prevent the co-mingling of personal and business use of portable media.
  5. When possible, use strong encryption on portable media devices – encryption allows an element of password protection and renders the data on the portable media unreadable if accessed inappropriately.
  6. Purge data from portable media when it is no longer needed – the less information stored on a portable device, the better. Once the media has been used and files are no longer necessary, format the drive and ensure that no residual instances of the information remain on the device."

 

At CloudSAFE, our policy prohibits and prevents the use of external drives. While this may seem extreme, it eliminates the risks associated with such devices. We've all picked up thumb drives at events. I've seen people pick up thumb drives that they've found laying on the ground. And, we use these without knowing what's on them. That puts our organizations at great risk. 

Do you find this shocking? We don't. Statistics show that most virus or malware infections happen when people take actions that common sense should tell them not to take. Our recommendation - refrain from using portable storage devices and, if you do use them, follow Joe's suggestions.

Image courtesy of Shutterstock / SK Herb


Are you using thumb drives or external hard drives as a means of backing up your data? If you are, you should consider a safer, more secure option such as Backup as a Service. If you'd like to learn more about data backup and recovery options, CloudSAFE has created this one-page brief which reviews the need for off-site backup and the options an organization has to protect themselves. You can view it below.

Data Backup and Recovery Options

← Evaluation Tips for Disaster Recovery as a Service
What is the right Data Backup Solution for Your Business? →

About this Blog


How can you leverage The Cloud? How will you get there? What will protect you from disaster? Your cloud journey can start anywhere and evolve. CloudSAFE can help you no matter where you start or where you want to go.

Everyone says you need to be in The Cloud. But why? And how? CloudSAFE can help you determine what that means to your company and the best way to get there. The Cloud can be a powerful tool. It provides flexibility, security, capacity and it’s cost effective, enabling you to avoid capital investment. But the question remains, what is right for your company? Contrary to popular opinion, The Cloud is not one size fits all. CloudSAFE has a broad range of solutions and services focused on IT Business Continuity and Infrastructure as a Service.

CloudSAFE believes The Cloud is not “One Size Fits All”. Follow us on our blog and see what else we believe in, and be sure to share your feedback with us.

Subscribe to Email Updates

Recent Posts