Secure USB Drive

The need for secure storage

In today’s business atmosphere, data needs to be transportable. This need for mobility has a by-product; a host of security endangerments with data seepage topping the list. Enterprises are in the midst of a data leakage epidemic. Since 2005, more than 230 million records have been vanished or stolen, according to the Privacy Rights Clearinghouse; many of them stored on transportable devices such as non secure USB drives.

The outcome of unintended and intended data leaks can be drastic. Theft of, trade secrets, intellectual property, proprietary information of classified business plans and road maps can cause loss of sales and other industry advantages. The loss of sensitive client or employee data can result in legal liability, possible criminal charges when data leaks break state or federal laws, as well as penalties associated with failure to comply with federal and industry regulations. Data breach cases cost an average of $6.3 million, according to a study conducted by The Ponemon Institute. In addition, the irreversible damage to an organization’s public image might be devastating. Having a secure storage device becomes a true necessity.

A frequent occurrence of data leakage takes place when employees take work home with them on a laptop or a non secure USB drive, only to lose the device or have it stolen. Most IT managers have taken steps to harden their networks against external attacks using intrusion detection systems, packet inspectors, firewalls and malware scanners. When it comes to securing portable media players, USB flash drives, memory cards, optical discs, external hard drives and other portable storage devices, most IT managers are faced with a multitude of challenges. Getting SanDisk’s secure USB might be a good start.
To keep away from becoming the next headline, enterprises should seal the leaks. Companies are most vulnerable at the endpoints of the network. The challenge facing IT managers is to secure the endpoints without restricting employees’ productivity.

Secure storage for your organization

There are eight practices that can moderate the risks of data leakage from endpoints for any organization. These are:
1. Inventory Hardware
2. Identify Sensitive Data
3. Set Hardware Policies
4. Set Data Usage Rules
5. Implement a Centralized Management System
6. Begin at the Top
7. Train Employees
8. Review the IT Environment

1. Inventory Hardware – Does your organization uses secure storage?

To secure the endpoints, IT managers should know which devices are being used at the organization. The first step is to review all hardware and storage devices used in the organization. This can be done manually or automatically .This information is necessary for establishing policies concerning the kinds of devices employees will be allowed to use and the types of protections they need.

2. Identify Sensitive Data – where is your vulnerable information?

Organizations need to know what information is sensitive. A methodical inventory of the information can identify the files containing the most sensitive data - corporation financial, human intellectual property, resources records, and customer lists for example.

3. Set Hardware Policies – what is allowed to use and what is not?

Organizations need to decide what types of hardware are allowed and what kinds of data need to be limited. Banning mobile devices outright can hamper productivity and implicitly compel employees to engage in “guerilla” storage tactics using their own portable devices. Organizations first need to decide what devices are allowed. A good place to start is requiring sensitive mobile data to be stored only on encrypted devices such as secure USB drives. Hardware policies should also determine what kinds of smart phones and portable storage devices are allowed to access the network.

4. Set Data Usage Rules for enabling secure storage

The following step is to create regulations for what kinds of data files can be transportable and how they are treated. Some files may be read only, some may be encrypted and others may be off limits for all but authorized personnel. C-level executives will have different data mobility needs and require different policies than the organization’s administrative staff, engineers or outbound sales force. Data usage policies must be comprehensive enough to protect the organization, but not so restrictive that they impede employee productivity.

5. Implement a Centralized Management System

Establishing corporate policies without any way to enforce the rules or detect violations is ineffective, as policies alone won’t set your secure storage. Organizations need a means to make policies obligatory.. Network-based data loss prevention systems (DLP) can detect activity at the port level on every machine connected to the LAN, as well as Bluetooth, infrared and WiFi connections. These systems can log all attempts to copy or manipulate sensitive files, proactively alert employees who are attempting to read or modify classified data, and enforce policies, such as only allowing sensitive data to be copied to secure USB drives. Some DLP systems will allow an organization to track offline usage as well, comparing mobile data files against the originals to determine if they have been opened, altered or copied to another device. Endpoint device management software allows corporate IT departments to centrally manage secure USB flash drives both inside and outside the corporate environment. This software protects corporate data by coordinating the complete lifecycle of company-issued secure USB drives from initial user-deployment to drive termination. Central management software allows for password recovery and renewal, tracking and monitoring activity beyond the corporate network, central back-up and restore, enforcement of company policy and remote termination of lost or stolen drives. With this software, data on lost drives is not lost and administrators can provision a replacement with user files backed up on the network.

6. Begin at the Top

Implementing secure storage solutions across a large organization requires time. It can take months and even years, but data needs protection immediately. Organizations must establish a security hierarchy based on a thorough risk analysis. The top is the best place to start. First, lock down C-level executives, business unit directors and personnel who travel with sensitive data before moving on to the rest of the organization.

7. Train Employees

The most sensitive element in any cooperation is its employees. Only 18% of data breaches are caused by some type of malicious intent by an insider, hacker, or code. Inadvertent employee behavior and broken business processes are responsible for the majority of data loss incidents and thus preventable. The best protection against data leaks are educated employees. Employees should be trained not only on how to avoid data loss and report those that happen, but also on the compliance framework their organization may operate in, such as HIPAA, GLBA or SOX.

8. Review the IT Environment

Leaky data is like a leaky roof; you won’t know you have one until it rains. Likewise, organizations won’t know if their endpoint security system is working until they test it. A third-party firm can probe for weaknesses that an IT staff may not have considered. For example, an organization can install a virtually bullet-proof DLP system, yet still be vulnerable because someone left the door to the data center unlocked, allowing a thief to walk away with the backup discs.

Conclusion

Mobile data is not going away. Data leaks will only get worse and more costly, both in real dollars as well as damage to an enterprise’s intellectual property and reputation.
Organizations must know what devices to use and what data to protect. They also need to develop policies that fit each role in the organization and implement tools that allow the organization to audit and enforce the policies. Only a top-down effort involving intelligent device management, data monitoring and centralized policy enforcement will plug the leaks, while allowing organizations to operate securely at the rapid speed of business.