Removable media devices now present the biggest threat to corporate security, according to new research. However, the research conducted by Centennial Software found that four out of five companies do not have effective measures in place to protect against the threat these devices can pose.
Over 43% of those questioned have no controls whatsoever in place to manage removable media devices, 27.4% leave it to the manager’s discretion, and 8.6% have taken the drastic step of introducing a company-wide ban. Only 16.4% use endpoint security software to manage the potential risks effectively. This is despite a raft of recent media stories surrounding insider data theft using removable media.
Strangely, companies are not ignorant of the risk. In a significant change from previous surveys, the “Security Attitudes Survey” in 2007 saw removable media devices rated by 38.4% of respondents as the number one security issue facing their organisation. The risk has taken over from Web viruses (23.7%) and malware/spyware (22.3%) for the first time.
While more companies in 2007 said they do include removable devices in the acceptable use policies (63.4% versus 54.5% last year), with more USB sticks than ever in use on the network (65.6% regularly use USB sticks, up from 36.3% last year) it’s not enough to rely on a policy, according to Centennial.
“It’s long been recognised that human error leads to the majority of information security problems,” said Matt Fisher, vice-president at Centennial. “Leaving the use of removable devices at the discretion of staff exacerbates the risks posed by these devices – especially when a minority of employees may have reasons for wanting to steal or compromise data.”
“A larger proportion of companies than last year said they had no controls for managing removable devices in place – 43.3% versus 38.5% last year. This is an alarming trend; if organisations recognise the risks of data loss, theft and damage from USB sticks, smartphones and MP3 players, they need to take action to manage the threat and protect their data,” concluded Fisher
Subscribers 0
Fans 0
Followers 0
Followers