Losing it: how to protect data on USB devices

Opinion by Nick Banks

In October, Greater Manchester Police force was fined by the Information Commissioners' Office (ICO) for losing a USB flash drive.

In October, Greater Manchester Police force was fined by the Information Commissioners' Office (ICO) for losing a USB flash drive.

This apparently contained data on more than a thousand people who had 'links to serious crime investigations' and the USB stick was, crucially, unencrypted and belonged to an officer in the Serious Crime Division. Rather than using the corporate, encrypted memory stick provided by the force, the officer was using his own, higher capacity device.

This was a costly and embarrassing episode for the force, but Greater Manchester Police is far from alone. Some organisations address the issue by simply blocking the use of USBs altogether, but this restriction can have a negative impact on productivity. The real key to solving these types of data breaches means answering a fundamental question: how can organisations ensure that data is secure without preventing staff from doing their jobs?

Remote wipe and remote kill features are growing in prominence as data breach headlines mount up. In these scenarios, as soon the device is plugged into an internet connected endpoint, a command is sent from a central console in the IT department to either erase (wipe) all data or completely disable (kill) the device's ability to function.

For highly sensitive data, an organisation might want the security of the remote kill function so that they know the device is no longer usable. An IT department can disable the device and prevent all access, even by the normally authorised user. This option can help ensure that employees don't take data with them on the device when they leave a company.

Equally, if inconsistencies are found in authentication policies or device security is not fully implemented in hardware, then a remote kill feature forms an extra layer of security.

Making remote kill 100 per cent effective over the internet requires a type of policy enforcement server to be involved in every attempt to access the device. The policy server would ideally take part in the authentication process and a user would not be able to access the device without the server also permitting it.

At this level, the remote kill function can be a message from the policy server to execute a data destruct or block command on the device, instead of the usual authentication. Remote kill is a good solution to protect against the carelessness of current or former employees, a 'rogue employee' situation is more complex.

The rogue employee scenario makes the policy decision rather difficult. Say you want to terminate the employee's contract - you'd like to be able to disable all access to sensitive information immediately. The employee, knowing that he is about to be terminated and knowing that there are grace periods, simply needs to disconnect from the network and copy all the data from his USB device in one session. Unfortunately, in this situation, the grace period allows remote kill to be easily defeated just when you need it the most.

Remote wipe and remote kill features improve security, but they also add an extra layer of complexity. As such they are most suited to high security environments involving sensitive data. For these types of organisations, remote kill and remote wipe are a safety net – a way of rescuing potentially catastrophic situations. This technology should not be used in isolation, and there should be many measures ahead of this final line of defence against data breaches – beginning with the use of encryption and proper staff training.

This requires pre-planning and investment – but given the cost of data breaches, having the right controls and technology in place is a small price to pay.

Nick Banks is head of EMEA and APAC for mobile security at Imation


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events