Thumbs Down: Flash Drives Are Bigger Threat Than Many Of You Know

The sheer convenience and affordability of flash drives is matched -- and more than matched -- by the threat potential they possess. And that's according to one of the drives' leading manufacturers.

Keith Ferrell, Contributor

April 14, 2008

2 Min Read

The sheer convenience and affordability of flash drives is matched -- and more than matched -- by the threat potential they possess. And that's according to one of the drives' leading manufacturers.As picked up by the bMighty ANTenna the other day, flash drive maker SanDisk is warning that most businesses don't have much a clue about how many of the USB drives are in their facilities or what they're being used for (which is pretty much everything.

The company's survey of flash drive usage queried both end users and their IT dept. managers -- and the results revealed a stunning gap between managerial oversight and end user reality.

To wit: more than three-quarters of the end users admitted to using their personal drives for work (and, obviously, for storing/transporting work-related data) while just over a third of their managers thought personal flash drives (aka flash disks, thumb drives, key drives, etc.) were being used in the workplace.

And what's being stored on those personal USB drives? You name it -- customer records, financial data, business and marketing plans, personnel files, source code.

Etc.

In other words, if it's on the network -- or even a standalone computer -- it can be moved to a flash drive... and probably has.

Easy to understand why -- flash drives are just too easy to use. But they're also too easy to lose, and their price (more and more are simply being given away as promotional items) makes losing them a matter of no great moment. Until the drive is found -- and, along with it, that sensitive company data.

SanDisk recommends -- as do we all, over and over again -- increased education about data security, and sharply increased education/awareness of company policies regarding the use of personal drives, not to mention the shift to secured drives and tighter endpoint security measures, policies and enforcement procedures.

But it looks to me as if the key lesson the survey results offers is that education needs to start in the IT department on this one.

And start there in a flash.

About the Author(s)

Keith Ferrell

Keith Ferrell

Contributor

See more from Keith Ferrell
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

CrowdStrike logo on a phone screen
Threat Intelligence
CrowdStrike 'Updates' Deliver Malware & More as Attacks SnowballCrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball
byNate Nelson, Contributing Writer
Jul 25, 2024
3 Min Read
Hands of a person in a suit jacket holding a screen pointing to an image of a padlock and the words "insider threat"
Vulnerabilities & Threats
Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4
byElizabeth Montalbano, Contributing Writer
Jul 25, 2024
4 Min Read
A laptop showing the Microsoft WIndows 11 logo
Endpoint Security
Goodbye? Attackers Can Bypass 'Windows Hello' Strong AuthenticationGoodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication
byJeffrey Schwartz, Contributing Writer
Jul 23, 2024
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events