informa
Commentary

Take That Thumb Drive Out Of Your...

employees' hands. Not really, of course, the big-storage/small-bucks devices are just too convenient, too portable, too easy to use. All of which makes them too dangerous to use indiscriminately.
employees' hands. Not really, of course, the big-storage/small-bucks devices are just too convenient, too portable, too easy to use. All of which makes them too dangerous to use indiscriminately.The little drives pose a big security challenge for small to mid-size businesses. Say you've got thirty employees: you could have as many as sixty or more thumb drives floating into and out of the office -- and into and out of your computers, your network, your business.

Leave aside for a moment -- and for another blog -- the sheer security risk that thumb drives present because of their very portability and, for want of a better word, purloinability. Think instead about what it means when an employee brings a personal thumb drive into your workplace.

This is particularly true if your business prohibits storage of personal data on company equipment. Easy enough for employees to get around that one by keeping all of their personal data on their personal thumb drive, using your computers, network and USB ports as gateways, never technically violating the no-store rule even as they expose your business and your business info to any number of threats.

No personal storage, of course, isn't enough of a rule -- a sound security policy prohibits employees from connecting any personal device or media to company equipment.

The solution? First, put some teeth in your employee access/device/media rules and make sure the employees are aware of them.

Next, make sure your company uses secure thumb devices, and give some thought to USB lockdown services.

Recommended Reading: