USBs' Giant Sucking Sound

Most organizations house critical data on laptops, USB thumb drives, and iPods, new survey says

It's what you can't see that could hurt the most: 73 percent of respondents in a new survey to be released on Monday by Senforce Technologies say their organization houses critical data on removable devices such as laptops, thumb drives, and iPods, Dark Reading has learned.

Awareness was indeed the theme of the results of the survey, which polled over 300 attendees at the recent InfoSec and FOSE trade shows, as 46 percent said their organization either doesn't have -- or they are unaware if it has -- a comprehensive endpoint security strategy. Although the survey was conducted by an endpoint security product vendor, it basically reinforces a point made over and over these days, as organizations are slowly waking up to the problem of laptops that go home with their users, as well as the thumb drives that come into the office with them.

According to Senforce, 18 percent of the respondents at InfoSec said nearly half of their organization's data sit at the endpoint, and 17 percent of the FOSE respondents said the same.

The security of portable media was also a hot topic at this week's Storage Networking World conference in San Diego, where a group of panelists said the biggest problem is a lack of security for portable media such as USB drives. (See Users Confess Security Fears.)

"It comes up in every conversation I have with a customer," says Steve Stasiukonis, vice president and founder of Secure Network Technologies. "It doesn't matter if it's stuff being taken out or coming in -- they say they worry 50-50 about both. It's bad if a user brings it in and [pollutes] the network, or worse if they take something out and it gets into the hands of someone who can hurt [them]."

Stasiukonis says he's seen banks and other companies that still don't realize the danger removable devices can pose to their networks and data. One client was still letting its users bring in their iPods and pop them into their machines. "Unfortunately, you just can't do that anymore."

"It's an eye-opener when they realize how much can be taken off" the network with a removable device, he says.

One organization with highly sensitive data took the extreme but crude approach of gluing shut the USB ports on all of its machines. "They put epoxy on all the ports," he says. Another organization he's worked with decided to go with thin clients as a way to better lock down its network, but discovered that these boxes also come with USB ports. "So they [physically] cut the connections to USB and Firewire ports."

According to the survey, 23 percent of the respondents said their organization had reported a network security breach in the last 12 to 18 months, and another 25 percent said they didn't know whether such a breach had occurred. "73 percent had mission-critical information on thumb drives or notebooks or iPods. That's part of a general trend we're seeing in information being dispersed," says Tim Cranny, senior security architect for Senforce, based in Draper, Utah.

"There's an increasing awareness of these issues as a problem, but solutions are still lagging significantly," Cranny says. Network access control (NAC) is just one piece of the puzzle, he adds.

"There's a management piece, too," he says, adding that Senforce's software controls whether removable media can be removed at all, designated read-only, or blocked. The company also recently coined the phrase "thumbsucking" to describe when USB thumb drives siphon critical data off the endpoint and put organizations at risk, he says.

Meanwhile, organizations apparently aren't fostering much of a feeling of security among users: The survey also found that less than half (44 percent) of the respondents were confident in their organization's network security for wireless, malware, endpoint security, and encryption.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Senforce Technologies Inc.
  • Secure Network Technologies Inc.
