Story image

The security risk IT departments love to ignore

11 Aug 11

IT departments are failing to properly appreciate the security risk posed by USB flash drives, according to a new study.

The study, run by the Ponemon Institute and sponsored by Kingston Technology, surveyed 743 IT professionals and security practitioners, and found that 71% did not consider the protection of confidential and sensitive information on USB flash drives to be a high priority.

Investigations of the companies represented found that 12,000 customer, consumer and employee records were lost on average per organisation due to missing USB drives. 

"Organisations watch very carefully, and put a plethora of controls around, what enters their business from cyberspace,” says Larry Ponemon, chairman and founder of the Ponemon Institute.

"This study drives home the point that they must also take a more aggressive stance on addressing the risks that exist in virtually every employee’s pocket.”

40% of organisations surveyed reported having more than 50,000 USB drives in use among their staff. Nearly 20% reported over 100,000. 

As well as preventing data loss, a USB security policy is also important for security from malware. A study performed by the US Department of Homeland Security in June dropped unidentified USB sticks in government parking lots and found that 60% of the people who picked them up plugged them into office devices to try and track down their owners. When USB drives with official logos on the side were dropped, 90% were plugged in. 

The study lists 10 security recommendations covering the management of USB drives. Go here to read more.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.