Free Newsletter
Register for our Free Newsletters
Zones
Access Control
Alarms
Biometrics
Detection
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
Surveillance
View All
Other Carouselweb publications
 
 
 
 
 
 
 
 
News

A guide to securing flash memory

SanDisk : 21 November, 2008  (Technical Article)
Jason Holloway, the Northern European Sales Manager for SanDisk Enterprise division offers some insight into securing the use of USB flash memory on corporate networks
Do you really know how many people are using USB flash drives in your organisation? Don't worry if you're not sure - the majority of IT professionals are equally uncertain.

An April 2008 survey by SanDisk found that 77% of corporate end users had used personal USB flash drives for work purposes. Yet IT managers estimated that just 35% of their workforce used personal drives. So how do you bridge that security gap, and protect the sensitive business data on flash drives? Here are our top 10 tips.

1 The first step is to define clearly your company policy on using USB flash drives, and ensure staff know the policy and buy into it. Part of this is finding out how exactly many drives holding company data have been lost or stolen over the past year, so you can understand the scale of the problem. In the SanDisk survey, 44% of end users said that, as far as they knew, their company didn't have a policy on copying business data to personal flash drives. And 23% said they weren't familiar with policies on flash drive use.

2 Back up your security policy, with company-issued USB drives. By issuing company drives to authorised users, you create responsibility and can reinforce the policy on drive use. Be clear what data can and can't be copied to drives, and on procedures for lost or stolen drives. Also get each employee to sign a copy of the policy before issuing them a company flash drive.

3 Make sure the company flash drives are fully encrypted, to protect the data copied to them against the risks of loss or theft. A policy is only effective if backed up by technology, so the encryption should be as strong as possible. Currently, a 256-bit AES algorithm is the highest encryption level that's commercially available.

4 Automate the encryption, to ensure that users cannot forget to secure data, or try to get around it. People make mistakes, or assume it'll be OK just this one time if they don't encrypt. Automated encryption on the flash drive protects users - and your business data - against those risks.

5 Use hardware encryption, not software, for data integrity and performance. Hardware-based encryption does not require driver or software installation on the host PC, stopping threats such as cold boot attacks, malicious code and brute force attacks, and makes usage easier.

6 Maintain an audit trail of data and files that are copied to the company flash drives. The management software for your flash drives should provide this information. According to SanDisk's survey, the data most likely to be copied to a flash drive were customer records (25%), financial information (17%), business plans (15%), employee records (13%), marketing plans (13%) - so it's imperative that you know what is being used, and by who.

7 Have the ability to recover and restore data that resides on the flash drives. Sometimes, you may need access to the data that was stored on a lost drive. The management software for your flash drive fleet should enable this feature.

8 Have the ability to terminate lost or stolen drives. It may sound a little "Mission: Impossible", but the ability to terminate a missing drive after a period of time adds an extra layer of protection to sensitive data. Ask the flash drive vendor if they can provide this feature in their management solution.

9 Make sure you can centrally manage all drives, with granular control. You need to be able to update flash drives, back-up data on them, reset passwords when users forget them, control use of flash drives in unauthorised PCs, and more from a central console.

10 Make sure the secure flash drive solution you choose is flexible, with ability to support other security applications. For example, on-board anti-malware scanning, to stop known and unknown threats from entering the secure USB flash drive when used outside the corporate firewall, or user authentication for secure remote access applications. The ability to support features like these help to futureproof the solution you choose.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com