Maintaining cyber-security with encrypted USB drives 

Tiago Gomes at Kingston Technology argues that encrypted USBs are the secret to data security when working remotely or when travelling 

Remote working has changed the way that businesses operate, probably forever. With employees out of the office, organisations have had to restructure their IT estates, move to reliable video platforms to ensure collaboration, and come up with new strategies to keep teams motivated.

One of the biggest challenges has been managing the risk of cyber-attacks as people have adapted to working outside the secure network perimeter.  

Kingston Technology recently conducted a survey among businesses in EMEA that indicated that while over half (54%) had already refocused their security policy after the pandemic, 72% of UK-based companies still plan to increase security measures. And the reason they gave was to mitigate the risks associated with remote working.  

In fact, 59% of those surveyed said that remote working has strongly affected their business data security policy with 62% citing an increase in cyber-crime, while 30% said the need to handle more customer data remotely were key factors.

While businesses are using a range of measures to reduce their cyber-risk, including security training, antivirus software, secure VPNs and access management controls, it was also interesting to see that there was a 25% increase in the use of encrypted USBs and that 27% of the companies surveyed planned to increase USB usage in the future. 

At a time when public Wi-Fi and cloud access to data is so ubiquitous, the humble USB clearly still has an important role to play. At this time of year, when people are not just working remotely, but travelling overseas on holiday, USBs offer benefits that should not be overlooked. And here is why: 

Public Wi-Fi and the risks of accessing the cloud 

Most of us take care when connecting to a public Wi-Fi network, but it’s easy to think that you can quickly access a file without encountering any trouble. In fact, the moment a laptop is connected to an insecure network, the sensitive data that is stored on it is at risk of exposure to cyber-criminals.  

The same principle applies when accessing the cloud, where security is reliant on the hosting provider’s technology being up to date and protected. If password attempts can be entered multiple times, or a password is stolen, guessed or acquired through an email phishing attack, data stored in the cloud is instantly accessible. 

When travelling, it may be necessary to download or upload data into the cloud, but unique security policies and differing approaches to regulatory protection of data exist in many countries. This means that company data crossing non-company networks is more likely and is therefore at risk of being accessed by foreign adversaries.

Not only does this put companies in danger of industrial espionage, it could potentially threaten national security.   

Encrypted USB drives 

Traditionally USBs have been relied on to help employees easily store or transfer data when they are travelling or working remotely. They are light, user-friendly, immensely transportable and can be kept separate to laptops or other devices to reduce the risk of data loss.  

What is essential, however, is that the USB drive is encrypted with an encryption algorithm or a password/code that prevents unauthorised access. This means that employees can access their critical files regardless of whether they are at the airport, in a hotel bar or a local café using public Wi-Fi or without the use of Wi-Fi at all. The files are securely loaded into the drive in the same way that they are stored on the cloud, and there is no risk of exposure to hackers.

In the event of the USB drive being stolen, the drive will permanently wipe data held within it after a preset number of password attempts. Kingston USBs, for example, wipe data after 10 password attempts. 

As well as providing peace of mind to travelling and remote working employees, an additional benefit is that the use of encrypted USBs helps organisations to meet their compliance requirements to protect data privacy and minimise data leaks.  

Any organisation that is considering the use of USBs is in good company. A fortune 500 financial services company worked with us to provide military-grade security on a global scale. Their drive uses digitally signed firmware which makes it immune to threats such as BadUSB, and it enforces protection with minimum characteristics to prevent unauthorised access through brute-force attacks. 

In the telecoms world, where customers rely on their providers to keep their personal details secure, it is often necessary to move data using portable storage. Data in transit can be a point of vulnerability but business-grade security USB drives can be built to house data in-transit with strong encryption.

Not only were these secure, they were also easy to use, which meant that employees were not tempted to circumvent security measures with expedient workarounds at the risk of losing data.  

Companies are looking for reliable solutions and constantly updating their policies to keep up with the changing risk landscape. But regardless of whether summer travel plans or an increasingly remote workforce is the catalyst, adopting encrypted USB drives will provide the flexibility, the portability and the proven protection to withstand even the most dangerous of cyber-security threats.   

Tiago Gomes is Flash Business Manager EMEA and Sales Manager Southern and Northern Europe at Kingston Technology

Main image courtesy of iStockPhoto.com