GFI LANguard Portable Storage Control - control entry and exit of data via USB sticks and other devices. Download a free trial.
It seems that nearly every new electronic device on the market today comes equipped with data storage and transfer capabilities. From USB sticks to smart phones, MP3 players to hand-held PCs and iPods, the portability of data has reached new levels of simplicity as the prices of these devices continue to fall while storage capacities continue to rise.
There is no question that USB Flash Drives and their electronic counterparts are a valuable addition to the road warrior's toolbox. The ability to easily transport data between client and company sites, not to mention taking work home for the weekend, make these devices almost irresistible.
Portable storage devices are also handy for making quick backups of important documents and even system registry files. Unlike CD/ROM disks, the stored data can be edited and saved over and over again.
Yes, today's portable personal storage devices have revolutionized the concept of "sneaker net", but are the rewards worth the risks?
These electronic conveniences have created a nightmare for data security managers and have spawned an entire sub industry that is aimed squarely at portable data storage security.
Old Risks and New
Portable data storage devices provide the same functionality as floppy disks, hard drives and CD/ROM and, therefore, are subject to the same virus and spyware risks as their more traditional counterparts. This is a particularly onerous threat for organizations that allow their employees to transfer data between company and home or remote computers.
While most threat-savvy IT departments have complete virus and spyware protection enabled within the enterprise, most organizations have little control over the protection of employees' home computers or computers that employees use at client and vendor sites. With new virus and spyware threats appearing every day, it is entirely possible that the organization's anti-virus and spyware systems may be unaware of the latest threat which has just been introduced by an employee.
Portable storage devices are also subject to your standard day-to-day perils such as mechanical or electronic failure, damage from being dropped or being exposed to harsh environmental conditions or just plain getting lost or stolen. The latter two circumstance create a whole new threat level if sensitive data happens to be stored on the missing device.
The term "Business Intelligence" takes on a new and dark meaning when the stealth capabilities of portable storage devices are factored into the equation.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.