During the first quarter of 2023, Fortress tracked a number of events that impacted the critical...
How To Keep Your Organization Safe
Removable media is a staple piece of modern technology that can help in conveniently storing and transferring data that we have on our devices. Whether it is storing family photos on an external hard drive at home, upgrading a smartphone’s SD card, or transferring work documents to a client via thumb drive, it is a safe bet that you have used this technology at some point.
Did you know that one of the most substantial data breaches in the history of the United States Department of Defense was due to plugging in an unsecured USB drive that was found in the parking lot? After the thumb drive containing malware was plugged into a laptop, the malicious code was able to spread throughout the network autonomously. This infection eventually led to the leak of sensitive information. A more in-depth article was written on this event and can be found here written by Computer World.
While the convenience of removable media is clear, there has been a shift in how IT and cybersecurity professionals approach the use of such devices in their environments. Precautions being taken in the workplace can also transfer to your personal cyber security efforts.
Here are a few helpful things IT professionals consider when dealing with removable media that you may be able to also apply at home:
- Be aware of what may already be on the device.
- Be sure you know where the device came from before using it. Never use a USB device you randomly find.
- Is the cable being used to connect the removable media from a trusted source?
- Is the device encrypted or at the least, password protected when storing sensitive information?
- Always establish and maintain a chain of custody when multiple parties are involved in the handling and transport of removable media.
Many companies have enabled strict removable media policies, in some cases, completely disabling the use of removable media at all. These policies are in place to combat against both intentional and unintentional consequences of using an unverified removable media device. If removable storage is allowed in an organization, it should be closely monitored. Each device should be tracked along with what data is being transferred to and from them. A common method of tracking is by serial number of the hardware itself. This can help not only prevent the use of unwanted devices, but also mitigate the aftermath of a lost device.
As our daily technology advances, so must our diligence in protecting ourselves and businesses from cyber security threats. Here’s to a happy November and a little added peace of mind when it comes to your personal cyber security hygiene.