Secure USB Drive

NASA is the latest organisation to clearly outline its policies on use of non-authorised USB flash drives and other removable media.

NASA CIO Jonathan Pettus issued a memo last week, instructing employees in good practice with removable storage. He stated they should not use personally-owned USB drives on government computers; nor use government-owned removable media devices on personal machines or machines that don’t belong to the agency; not to put unknown devices into ANY systems; and to ensure systems are fully patched and updated.

While not as strong as the directive supposedly issued by the Department of Defense, which bans use of all removable media devices to stop a malware outbreak, it’s a clear indication of how popular USB flash drives are, and how widespread their usage is.

The memo outlines the steps employees can take to reduce some of the risks of using unsecured USB drives. But this still relies on people making the right choices. And even with the best intentions, some users will think it’s OK to use a personal drive, just this once. After all, they’re just trying to be efficient.

But one time is all it takes. The only effective way to secure USB usage is to issue employees with flash drives that enforce mandatory encryption and password protection of data.

Combine this with anti-virus scanning - as we recently announced on our Cruzer Enterprise secure USB flash drives - and you have tiered, comprehensive security.

By automating security, you take the human factor - and much of the risk - out of the loop.