A UK local council has lost the personal details of hundreds of residents when a memory stick fell out of an employee’s pocket. Details lost include names, addresses, national insurance numbers, ethnicity and more.
Read More »

We blogged recently about increasing regulation, and strong penalties for companies that suffer breaches in data security. Industry experts and analysts agree that these new moves will help to drive wider uptake of secure USB flash drives. Read More »

A new report on the state of IT security has warned that the weakening job market could lead to an increase in online crime as laid-off workers, especially those with computer skills, turn to scams to support themselves.

The report from networking company Cisco claims that IT staff threatened with redundancy because of the downturn could initially target their employers as an easy option for sourcing information, based on their inside knowledge of systems, processes and people.

An example was the arrest in April this year of a former IT analyst at the Federal Reserve Bank of New York, on suspicion of taking out loans using false identities.  The FBI found a USB flash drive attached to the employee’s computer with applications for $73,000 in loans in the names of stolen identities.

Whether this is just another version of the often-repeated “insider threat” remains to be seen.  But it does highlight the importance of securing data by encryption, and controlling what USB storage devices employees can use – for example, issuing authorised staff with secure flash drives.  These measures help to cut the risks of damaging data losses or theft.

Following a question by a member of the UK parliament, UK Government departments have revealed the numbers of laptops lost or stolen recently.

The figures are quite startling, with well over 100 laptops lost or stolen in the past year alone.  One organisation – the Department for Work and Pensions – alone lost 41 laptops last year, from its fleet of around 9,700 machines. 

Although Government departments claim that all laptops are now required to be encrypted, that’s still an awful lot of data lost.  There is also the real risk that the data may not be protected

And don’t forget, these figures are just for laptops.  You have to wonder how many other devices – such as USB memory sticks – were lost in the same period, what data was on them, and whether that data was encrypted. 

Although some UK Public Sector organisations – such as the National Health Service – are leading the way in deploying secure USB flash drives to protect data on the move, not all Government organisations are at the same level.  Unfortunately there will be many more data breaches to come in the next year.

In the last 6 months or so we’ve seen how USB flash drives have become recognised as a vector for spreading malware, especially malware that uses Windows’ Autorun capability.

This week, Symantec is reinforcing that message during its Cyber Crime initiative.   The company’s Security Response group product manager says that as well as being a method for propagation, USB-borne malware is particularly difficult to get rid of. 

Of course, one way of stopping the spread of malware via USB memory sticks is to use secure flash drives with on-board antivirus, which stops malware on the drive itself.

It’s also worth noting just how the sheer number of threats has grown.  In 2000, antivirus vendors issued 1,500 new signatures.  In 2009, over 2.5 million signatures are expected.  AV protection on all computing devices makes more sense than ever before.

With over 150 million flash drives sold worldwide last year, according to analyst Gartner, there’s an incredible amount of unsecured information being carried around in people’s pockets, bags, briefcases and cars.

And even if users think they are being safe by regularly deleting old files from their ordinary USB sticks, they are not.  In a similar way to a conventional hard disk, deleting a file does not mean it has gone forever.

In fact, all that has happened is that it has been hidden.  The delete function merely erases the reference to the file in the FAT (file allocation table) on the drive.  The file and data are still there, and by using FAT data recovery or repair tools, those “deleted” files can be easily found again.

It’s another good reason to deploy and use truly secure USB flash drives, like our Cruzer Enterprise, which keeps ALL data on them secured against unauthorised access and use, at all times.