According to a survey on "Removable Media in the Workplace" companies' information security expenditure could all be for nothing as they turn a blind eye to the threat of removable media. The research, conducted by mobile security specialists Pointsec, shows that removable media devices such as media players and USB flash drives are now routinely used by a huge number of employees in the vast majority of UK businesses, but with little regard to the security threat they pose. A staggering two-thirds of IT professionals who use USB flash drives themselves at work admitted that they did not protect them with encryption even though they are aware of the associated dangers.
The survey highlights that a large number of organisations are yet to address the problem of removable media. With removable media plummeting in price, memory capacity soaring and more people using them at work, companies need to be aware of how easy it is for staff to use them, lose them or take competitive information away on them, all in the palm of their hands. If lost or stolen, vast amounts of valuable company information could seriously expose a company to extortion, digital identity fraud, or damage to their reputation, integrity and brand.
Some of the headline statistics from the survey, conducted amongst 300 UK IT professionals (many of whom are IT security managers), reveals that:
* Removable media devices are being used in 84% of companies.
* On average 31% of employees within a company are utilising them in the office.
* 90% percent of those surveyed were aware of the potential danger that removable media presents.
* A third of organisations state that removable media is being used within their company without authorization.
* 41% of IT professionals are not aware how easy it is to protect the data on a removable media device.
Martin Allen, Managing Director of Pointsec UK said "There seems little point in companies spending vast sums of money on information security if at the same time they're letting their staff use these devices at work which allow them unhindered access to download vast quantities of sensitive company information."
"Storing information on devices is not a new problem - not so long ago it would have been information stored onto a 1.5mb floppy disk, however, now the problem is a much greater storage problem and therefore, needs to be dealt with in the security policy. Organisations need to introduce strict guidelines on the use of removable media devices in the workplace, as well as investing in encryption software which will allow administrators to force the encryption of all data put onto a mobile device. Using this type of software is just as vital and inexpensive as using anti-virus software, yet only a fraction of organisations have woken up to the problem."
The proliferation of high capacity media players and USB flash drives on the market makes it possible to save anything up to 100GB's of information on one. This means an employee could download 4 million documents of valuable data on what appears at first sig