Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Tuesday, 30 July 2013 / Published in Woo on Tech

Humble Thumb Drive Still a Security Nightmare

Thumb Drive

Portable flash drives, also known as “thumb” drives, are about as common as their physiological namesake. They are readily available, useful for a variety of tasks, and now so cheap as render them nearly disposable. Partly because of their ubiquity and seemingly innocuous profile, they make extremely effective malware vectors and continue to be the bane of information security professionals everywhere:

  • As part of a security test conducted by the Department of Homeland Security, USB drives were left in the parking lots of other government agencies and private contractors. After being spotted and picked up by employees, almost two-thirds of the orphaned drives were plugged into networked computers, even though the users had no clue as to the thumb drive’s origins, and if the thumb drive had a faux government logo on them, nearly 90% were accessed via networked computers.
  • A survey of 300 IT professionals conducted at the 2013 RSA Security Conference found that almost 80% of respondents have plugged in thumb drives with questionable or unknown origins, despite probably knowing full well the dangers such an action could present.
  • Infamous NSA whistleblower Edward Snowden purportedly copied digital documents supporting his claims onto a thumb drive that he smuggled without much effort into and out of the National Security Agency.

What this means for you:

Because of their size and capability, thumb drives are not something that will be controlled through simple policy and half-hearted enforcement. Companies with tightly managed technology environments can enforce a ban on non-authorized USB devices through centrally controlled software policies, and some have gone so far as to glue shut open USB ports in an attempt to close this security gap. For smaller companies with less dire security requirements, this may not be a reasonable solution. Instead, you should continue to make sure that you have working anti-malware in place and set to scan any storage device inserted into your computer. On top of this, if you regularly use thumb drives to transport business data, those drives should be encrypted with a strong password to prevent security breaches due to loss or theft, and obviously, they should be backed up regularly for the same reason. And for goodness sakes, don’t pick up some random thumb drive lying on the ground and plug it into your computer. You really don’t know where that thing has been!

Image courtesy of bplanet / FreeDigitalPhotos.net

  • Tweet
Tagged under: data breach, flash drive, homeland security, rsa, security, security breach, thumb drive, usb

What you can read next

heartbleed.png
Widespread Encryption Weakness Discovered After 2 Years
ID-10071870.jpg
Change your router password now
Another Flaw Found in Intel Processors

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Social Media monetizes our need to be social

    Part of our occasional series “The Elepha...
  • Freemail accounts will be hacked

    Most of you know that I do not recommend using ...
  • LastPass Breach is bad news for everyone

    Late in the year, just in time for the holidays...
  • 2023 – Approach with Caution

    Traditionally I like my year-end messages to be...
  • Privacy sign

    Popular tax apps leaked your data to Facebook

    While it shouldn’t come as a surprise to any of...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP