Half of IT security professionals do not use encrypted USB sticks when carrying company data.
A survey of 277 IT security professionals by Credant Technologies found that 11 per cent protect their devices with passwords, with the type of unprotected data being carried including intellectual property (67 per cent), customer data (40 per cent) and employee details (26 per cent).
Sean Glynn, vice president and chief marketing officer of Credant Technologies, said: “If over half of this IT savvy audience are carrying unprotected sensitive information on USB sticks, and lets face it you can pick one up for less than £10 in most good supermarkets, it makes me question just how big this problem is and, more importantly, what needs to happen to make organisations wake up to the risk.
“As long as there are new devices coming into the arena, and new threats to protect them against, we'll continue to work with organisations' to deliver flexible solutions that track and report on where sensitive data is moving, and provide the right blend of data encryption and protection technologies to mitigate these risks.”
Commenting, Anders Pettersson, CSO at BlockMaster who produce the encrypted SafeStick, said that solutions are available to solve this problem but action is often the first stumbling block.
He said: “This is a target group of security savvy people and the guidance needed for a standard audience is much higher. I would say it boils down to a security group who understand USB encryption, it would be beneficial for organisations and I do believe that management needs to be done.
“It is clear that there are solutions are available that would remove the hassle for users, but there is hesitance in IT security and if you install change you will meet with resistance. People are suddenly waking up and realising that they need to limit unsecured USB drives.”
Stonewood CEO Chris McIntosh said that USB security is becoming a key issue for identity fraud. He said: "For USBs, it is almost acceptable and I believe that it is totally wrong so we say put encryption on it so if it gets lost you cannot get into it. People do not understand the value of data and when you look at encryption, it is not an additional cost it is part of the business."