Spacer
Spacer
BGSU
HomeAcademicsAdmissionsThe ArtsAthleticsLibrariesOffices
Spacer
Spacer Spacer
Top Nav   Office of the CIO-Projects & Strategic Initiatives
Cross Hatch

Office of the Chief Information Officer

Welcome

About Us

ITS - Information Technology Services

IMS - Instructional Media Services

Student Tech

Office of Web Development

BG@100

Projects and Strategic Initiatives

Quick Reference

Newsworthy

Feedback

Office of the CIO Policies

Fraud Notice

CIO-Alerts and CIO-Inform email & PGP Public Keys
No Banner
Spacer Connect May 2007 Security Article Spacer
 

 

Safety Tips for Portable Data

by Thomas Roberts

USB flash drives (aka portable memory sticks) are popular productivity tools providing fast and efficient access to portable data. The pocket-sized devices are lightweight, contain no moving parts and continue to drop in price as their storage size continues to increase. Common storage sizes are 8Mb to 64Gb and they can be used with most computers that contain an active USB port.

As the use of these devices in the workplace increases it is important to examine how USB flash drives impact the privacy and security of BGSU information.

A recent news story chronicled the audit process of a credit union and its use of these portable devices. USB flash drives were placed strategically around the organization and contained Trojan software that would report if connected to the company network. Of the 20 USB flash drives left in the workplace, 15 were found by employees and attached to their company PCs.

Along with introducing tracking software, the uncontrolled use of a flash drive can introduce other hazards such as:

  • Loss of sensitive or private data
  • Stolen proprietary data and plans
  • Placement of viruses or other malicious software on the network

Consequently, some organizations ban their use where sensitive information is handled. Although USB flash drives can be difficult to control, there are things you can do to reduce the risk when using them in the workplace.

Educate your co-workers and talk about it Create a workplace policy about using USB drives and discuss ways to reduce risks when leaving them unattended, or when traveling with these devices and bringing them back into the office. Make sure everyone, including student workers, understands what is expected.

Consider using encryption, especially for sensitive data USB devices can be easily lost or stolen (and have been on our campus) so using encryption can help prevent unauthorized disclosure. (University policies and procedures regarding the use of encryption are currently being developed.) It is also important not to have a USB flash drive contain the only copy of an important office document that cannot be recreated easily.

Use office-approved USB flash memory and scan for malicious software Purchase only approved USB drives for the workplace and monitor their use. Have a sign-out process for flash drives to be used in the office or for travel. Scan for malicious software upon return. Configure virus protection to scan all attached USB flash drives on every office PC. These devices could also be completely erased periodically for additional safety.

It is important to note that portable storage devices will likely increase in popularity due to their convenience. Discuss the risks in your workplace so everyone understands the best practices and policies regarding the use of USB flash drives.


Thomas Roberts
ITS Information Security Analyst
  
Spacer
 
Spacer Spacer
Spacer
Spacer
Spacer
Spacer
Bowling Green State University  |  Bowling Green, OH 43403-0001  |  Contact Us  |  Campus Map  |  Site Map  |  Accessibility Policy (PDF Reader)
Spacer