informa
2 min read
Commentary

Thumbs Down: Flash Drives Are Bigger Threat Than Many Of You Know

The sheer convenience and affordability of flash drives is matched -- and more than matched -- by the threat potential they possess. And that's according to one of the drives' leading manufacturers.
The sheer convenience and affordability of flash drives is matched -- and more than matched -- by the threat potential they possess. And that's according to one of the drives' leading manufacturers.As picked up by the bMighty ANTenna the other day, flash drive maker SanDisk is warning that most businesses don't have much a clue about how many of the USB drives are in their facilities or what they're being used for (which is pretty much everything.

The company's survey of flash drive usage queried both end users and their IT dept. managers -- and the results revealed a stunning gap between managerial oversight and end user reality.

To wit: more than three-quarters of the end users admitted to using their personal drives for work (and, obviously, for storing/transporting work-related data) while just over a third of their managers thought personal flash drives (aka flash disks, thumb drives, key drives, etc.) were being used in the workplace.

And what's being stored on those personal USB drives? You name it -- customer records, financial data, business and marketing plans, personnel files, source code.

Etc.

In other words, if it's on the network -- or even a standalone computer -- it can be moved to a flash drive... and probably has.

Easy to understand why -- flash drives are just too easy to use. But they're also too easy to lose, and their price (more and more are simply being given away as promotional items) makes losing them a matter of no great moment. Until the drive is found -- and, along with it, that sensitive company data.

SanDisk recommends -- as do we all, over and over again -- increased education about data security, and sharply increased education/awareness of company policies regarding the use of personal drives, not to mention the shift to secured drives and tighter endpoint security measures, policies and enforcement procedures.

But it looks to me as if the key lesson the survey results offers is that education needs to start in the IT department on this one.

And start there in a flash.