Workers expose businesses to malware and data loss
Organizations are at risk of malware as 76% of workers plug unknown USB flash drives into company PCs, potentially compromising corporate network security, according to BlockMaster.
“This is alarming as many viruses on USB sticks can run as soon as they are plugged into a PC, without user activation and causing widespread damage to a corporate network,” says Anders Kjellander, CSO, BlockMaster.
Even if unprotected USB sticks are not infected with viruses or worms, they can contain sensitive corporate data, leaking important information to external organizations causing harm for the party that lost the device.
The research of over 1,000 UK office workers initiated by BlockMaster to reveal attitudes to handling portable devices, such as USBs, also revealed that 20% have lost unprotected USB drives holding sensitive information, exposing businesses to huge potential risks, such as loss of IP and reputational damage.
Around 83% of office workers use USB sticks today, making them almost as common as the mobile phone. However, although we often have work email on our mobile phones, it’s quite rare to store a significant quantity of sensitive business data on them.
Unsecure USB drives pose a unique security threat, as they are usually small, easy to lose and have a high capacity for storing documents, videos or corporate presentations.
The survey also discovered that approximately 85% of lost USB sticks are later found, so office workers hoping that lost sensitive data will simply “vanish’ will frequently be disappointed.
Organizations need to put technology and policies in place to secure and remotely manage their USB devices.
A lost unsecure and unmanaged USB stick can contain sensitive data including customer details – or in the case of public sector organizations, details of patient records, benefits or tax details – so it is imperative that organizations put in place a managed secure USB drive solution that automatically protects stored data and allows administrators to centrally manage them to perform policy updates and remotely erase any lost device.