The United States has experienced the worst military breach back in 2008. It happened because of a USB flash drive that contains malware was connected to the military network. Sensitive information regarding the Department of Defense was leaked as a result. The cyber security then realized the danger that comes with using flash drives.

A decade later, professionals are able to understand more about the security risks of using USB flash drives.

  • Employees borrow USB sticks from one another without knowing that it can contain malwares or viruses.
  • Black hat developers used to drop flash drives where unsuspecting employees may pick them up and connect them on their computers.
  • An employee resigning or fired from a company can have flash drive that contains information regarding that company without the management knowing.
  • Information can be easily leaked if the flash drive is stolen or lost by the owner.

Knowing that there are risks, one should know how to secure their USB flash drives through these methods:

  • An organization should mandate encryption of all flash drives utilized by employees. You can also buy USB flash drives that are already encrypted upon purchase. The encryption should follow the Federal Information Processing Standard. There is paid and free encryption software that you can install in your flash drive.
  • Upon seeing USB flash drives that may be left intentionally or unintentionally, it is important to practice caution. Human beings are curious creatures and it is the reason why some of us can’t help but check the content of a USB flash drive.
  • Inside the organization, you should use practice safe measures when using flash drives to make sure all your data are safe and secure. You can set the group policy to avoid installation from new devices such as USB flash drives. You can set that only specific USB devices will be allowed based on its hardware IDs.

You don’t have to worry if you need to install something from a clean USB flash drive as there are override options available for administrators account.