A recent article on CIO.com reminded readers once again of the risks associated with external devices like USB drives, which are hard to monitor, easy to lose, and often full of confidential company data. USB drives are also a common source for malware entering an organization, as shown by threats such as Stuxnet, which was widely spread via USB drives. USB drives have a high potential for causing data breaches and are a serious concern for any organization.
Focusing on the risk of sensitive data being leaked out of an organization, the CIO.com article outlines the strategies of 4 organizations for preventing security disasters related to USB drives. The organizations utilize encryption software and monitoring and alerting systems to control the security of data copied to USB drives as well as what data is allowed to be copied to those drives.Read the articleto get the details on the four organizations' approaches to thumb drive security. The strategies of these 4 organizations each contain great ideas for similar organizations looking to protect against data loss, but are they doing enough?
Organizations can greatly enhance their protection against the risks associated with USB drives by protecting not only against data loss, but also against malware on external media devices.OPSWAT's MetaDefender for Media (MD4M) allows organizations to set up a process for managing data on USB drives by creating a station where all external media devices entering or exiting the organization must be scanned. MD4M scans all files using multiple antivirus engines to ensure that malware is not present, detects file types to verify accuracy (protection against file type "spoofing"), and can also scan using a custom data loss prevention engine. With these scanning capabilities, administrators can use MD4M stations to monitor whether threats are entering and whether sensitive data is exiting the organization. They can also implement additional controls, such as permitting only certain file types to enter or exit the organization. Organizations that wish to block USB drives completely can set up MD4M to send approved files to a secure internal FTP where employees can access the needed files.
Read this profile of an MD4Mcustomer to see another strategy for protecting against thumb drive security risks. How is your organization protecting against the risks associated with USB drives and other external media devices? Let us know on Facebook.
