Majority of Workers Plug Unknown USBs Into Office PCs

Wednesday, March 02, 2011



Majority of Workers Expose Businesses to Malware and Data Loss

BlockMaster, a provider of managed secure USB flash drives, today at CeBIT in Hannover, Germany, warns that organizations are at risk of unsolicited viruses and malware as 76% of workers plug unknown USB flash drives into company PCs, potentially compromising corporate network security.

“This is alarming as many viruses on USB sticks can run as soon as they are plugged into a PC, without user activation and causing widespread damage to a corporate network,” says Anders Kjellander, CSO, BlockMaster.

“Indeed, the Stuxnet worm, the first ‘industrial’ virus, was well-known for spreading via unsecure USB sticks. Furthermore, even if unprotected USB sticks are not infected with viruses or worms, they can contain sensitive corporate data, leaking important information to external organizations causing harm for the party that lost the device.”

The research of over 1,000 UK office workers initiated by BlockMaster to reveal attitudes to handling portable devices, such as USBs, also revealed that almost a quarter (20%) have lost unprotected  USB drives holding sensitive information, exposing businesses to huge potential risks, such as loss of IP and reputation damage.

“Around 83% of office workers use USB sticks today, making them almost as common as the mobile phone. However, although we often have work email on our mobile phones, it’s quite rare to store a significant quantity of sensitive business data on them. Unsecure USB drives pose a unique security threat, as they are usually small, easy to lose and have a high capacity for storing documents, videos or corporate presentations,” Kjellander said.

The survey also discovered that approximately 85% of lost USB sticks are later found, so office workers hoping that lost sensitive data will simply ‘vanish’ will frequently be disappointed.

Kjellander concludes: “Organizations need to put technology and policies in place to secure and remotely manage their USB devices. A lost unsecure and unmanaged USB stick can contain sensitive data including customer details – or in the case of public sector organizations, details of patient records, benefits or tax details – so it is imperative that organizations put in place a managed secure USB drive solution that automatically protects stored data and allows administrators to centrally manage them to perform policy updates and remotely erase any lost device.”


Possibly Related Articles:
malware USB Drives Stuxnet Headlines report PC Employees
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.