Your Data at Risk
- Implement strong security software. All company computers should have the right security software to detect and remove potential threats. "Without question, you need serious protection today that not only protects from online threats but also is capable of scanning external devices too, such as USB drives," warns Fiering.
- Limit USB access. In extreme cases, organizations have cut off access to USB ports. Others have limited USB access to specific employees. Using encrypted USB drives is another option, as is disabling AutoRun on computers so that programs on a USB drive don’t immediately run when a drive is inserted.
- Monitor use. Keeping track of USB access will help you note who is using the drive, on which computer and at what time of day." IT departments need to make sure their machines are secure and sensitive information protected," adds Michael Gartenberg, research director at Gartner in Stamford, Conn.
- Focus on education. “Banning can result in users trying to bypass the ban,” cautions Santorelli. A usage policy augmented by an awareness campaign to educate end users will help mitigate the risks.