Data is increasingly one of the core building blocks of any business. In today’s fast-moving commercial world, entrepreneurs, start-ups and established companies all need to take data-driven decisions.
Storage and security of data has therefore become a major issue for many different types of business. Cyber security and data protection are key topics that are currently causing concern in boardrooms all over the world.
But within those fields it’s increasingly the danger of removable media that is causing most worries. Portable data can pose many specific risks to a company’s data security.
That’s why removable media needs to be carefully considered as a topic in its own right.
Of course, removable media is highly convenient in lots of situations. Since the early days of floppy disks, it has been convenient for a company to physically carry data from one computer to another.
Floppies may have disappeared – but note that the symbol of a disk is still used as a graphic icon in many software systems. Portable media is still ingrained in many commercial systems.
The real technology has moved on rapidly though. Today a USB flash drive is a popular and highly-efficient way of transferring information on the move.
More businesses are finding they can make their data portable using small and large drives – but as their use increases, so do the risks. Criminal hackers are able to access confidential data from most of these devices – even after it appears to have been deleted.
What exactly is removable media?
This category includes any portable device that can transport and store data, like a USB drive, portable SSD hard drive, SD card, removable discs or even a laptop. It is an easy way to copy, transfer and transport data from one computer to another.
What are the risks?
It may be convenient but transferring information to a portable data store immediately makes the contents more vulnerable. Businesses that fail to manage the security risks expose themselves to many possible security threats. This is why measures such as privileged password management are so important.
The removable media could simply be lost or stolen, compromising the data on it – and harming the reputation of the organization it belongs to.
Or a criminal may install malicious software on it, introducing a cyber threat into your system.
Removable media should only be used on trusted computers. A flash drive could easily be infected with malware by a hacker.
When the media is inserted into the next computer it could transfer malware into the system. This may be designed to automatically extract sensitive data.
How to avoid the risks of removable media
Best practice in the handling of removable media includes establishing basic rules throughout any organization. Staff may need training in the dangers and safest tactics of handling removable media.
Only insert trusted removable media into any of the company’s computers and only use trusted computers to read it.
Use anti-virus and anti-malware software packages to scan for any possible dangers when removable media is connected. Disable the auto-run and auto-play features for when media is first connected to a network.
Ensure that data is always protected with proper access controls using secure passwords. Remove sensitive data from media once it has been transferred and saved.
Consider encrypting the data stored on all portable media and devices.
Consider simple physical security too. Are employees and visitors allowed to carry USB drives out of the building?
Using a Secure Access Service Edge system can revolutionize the way a company stores its data safely. A service like Perimeter 81 sase can secure data, resources and users in any network.
SASE is a growing data security platform that combines safety and functionality into one single cost-effective and cloud-based service for companies. It’s a way of securing data… and simplifying the systems that protect it.
Should removable media be used at all?
Transferring any important data into an insecure environment is fraught with danger in the modern commercial world. Companies seriously need to consider whether the convenience is worth the risk.
Those handy little USB drives in particular are the commonest way for hackers and criminals to infiltrate and bypass security perimeters for a private network. There is massive risk of infection and data theft when using them.
That’s why some major companies have completely banned the use of all removable media in a bid to eliminate the risks.
For many other businesses however there can be times and situations when the use of removable media is unavoidable. That’s when a company needs to be aware of how to manage and minimize the risks.
Businesses may have to accept that portable devices are part of the modern digital world– but it’s reasonable that company time is invested in understanding and mitigating the risks of using it. Any operators and users throughout a company should understand how to protect the network from dangerous malware and viruses.
It’s more important than ever to ensure that any removable media is used in a sensible – and protected – way.
Cyber criminals’ skills are evolving as fast as the anti-hacking technology. That means it’s crucial for a data-driven business to try to stay ahead of them – by using the best practices and security systems available.
If the cost of the training and systems is a worry – consider the potential costs of not having them. A major malware attack or data theft can be a major threat to the survival of any business today.