Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

USB flash drive security from two directions

SanDisk : 28 January, 2009  (Special Report)
Jason Holloway of SanDisk Enterprise Division examines the methods of preventing data from leaking out and viruses from seeping in through USB devices
Securing USB flash drives is a battle that enterprises increasingly have to fight, as employees enjoy the mobility and convenience that the drives offer. Until now, the battle has been against data theft and leaks. But now a new combat zone is emerging, against a fast-growing enemy: malware that spreads by copying itself to flash drives and other removable media.

Worms and viruses that propagate via USB removable media have been known for years. In August 2008, a computer on NASA's International Space Station was hit by the TGammima.AG worm from an infected flash drive. And in November, the US Army's classified and unclassified networks were hit by the Agent.btz worm, triggering a ban on the use of all removable storage. It's currently estimated that 40% of malware infections are spread via shared executable files, which can replicate themselves from and to removable storage devices.

As always, whenever a device or platform becomes popular, it becomes a security risk: through loss or theft of data, or through malware exploits. But both threats can combine to cause real security headaches.

An April 2008 survey by SanDisk highlighted the risks on both fronts. It found that 77% of corporate end users had used personal USB flash drives for work purposes. Yet IT managers estimated that just 35% of their workforce used personal drives. That's a major security gap.

The survey also showed the types of data most likely to be copied to a flash drive. These were customer records (25%), financial information (17%), business plans (15%), employee records (13%), and marketing plans (13%). Further, 44% of end users said that, as far as they knew, their company didn't have a policy on copying business data to personal flash drives.

So how can organisations win their USB security battles on both fronts - against data leakage, and against malware?

The first step is to realise that use of USB flash drives cannot be totally banned. Workers need the tools and information to be able to work flexibly and efficiently. So to ensure and enhance the viability of flash drives as a business productivity tool, organisations must ensure that USB flash drives can only be used in compliance with corporate security policies, and with industry and government regulations for data protection.

This means prohibiting the use of personal, non-authorised USB devices, and instead providing staff with a more secure USB flash drive that proactively protects against data leakage as well as malicious infection.

It also means supporting the drives with intelligent device management, data monitoring and central policy enforcement, to meet business and regulatory demands. Let's take a closer look at how these needs can be met, and how you can mitigate security risks by choosing the right secure USB flash drive solution.

To stop malware spreading via flash drives, every file that is saved or copied to the drive must be scanned for malware. Furthermore, the host must also be scanned whenever the drive is inserted - which demands an anti-virus engine on the flash drive itself. This way, when the flash drive connects to the host Windows PC, its memory is scanned to stop the transfer of infected files to the drive. If the host is infected, the secure USB drive is automatically shut down. Furthermore, when a file is saved or copied from a PC to the drive, it's also scanned for malware. This requires a self-update every time the USB flash drive connects to a host PC.

To stop data loss and leakage via USB flash drives, the key weapon is hardware-based encryption and password protection, again integrated with the drive. This makes it extremely difficult for unauthorised users to access data if the drive is lost or stolen. Furthermore, when used in combination with virus scanning, automated encryption and password protection offer a formidable defense against security risks.

The USB drive must impose mandatory access control on all files, storing them in a 100% private partition that is AES 256-bit, hardware-encrypted and password-protected. The drive locks down when a specified number of incorrect password attempts are made. This secures all stored data in the event of drive loss or theft.

Management software must coordinate the complete lifecycle of the drives, from initial user deployment to password recovery, data backup, and remote drive termination.

Desirable management features include: automatic mapping of drives to users; centralised control and distribution of security policy settings; full audit tracking of secure USB drive use, even when used outside of the network; remote installation of new software and updates to secure USB drives; scheduled and automatic backup of secure USB drive contents; compliance reporting using built-in and customized reports; and optional assignment of software tokens, which provide authentication against RSA secured applications.

To beat the combined threats of data leakage and malware from flash drives, organisations need to deploy USB security at multiple tiers. This means choosing and deploying secure USB flash drives that provide malware detection, encryption, and password protection to safeguard their information against infection and loss. With the right weapons, enterprises can defend their mobile workforces and their data, wherever they are.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo