Pen Drives, the high capacity movable storage device of the computer, is not just a boon for the IT and other business sectors, but it has been proved to be the most dangerous device to harm any organisation. While data security and confidentiality matter the most in any government and private organisation, a pen drive is the most useful device for the corporate spies or hackers to take data easily and misuse it.
Among the threats for an organisation associated with a pen drive, the most important is transmission of viruses. As most of the antivirus software fail to detect the viruses in a pen drive or safeguard the computer, a computer can be easily infected by a virus transmitted through pen drive. This portable device can be responsible for data loss and data theft. In corporate sectors, many employees have found with taking malicious software, video clips, computer games, MP3 files, pornography pictures and other inappropriate files violating corporate rules.
However, restricting a pen drive in a corporate environment is next to impossible. They are too small in size to be carried stealthily and also they are getting cheaper everyday. These days, the pen drives are available that can not be identified by a metal detectors as well. Hence, the security threats involved with a pen drive is hard to combat with. However, some measures can be chosen to deal with the serious issue.
Educating the user:
It is hard to stop the gadget junkies from using pen drives as it has become the `must-have` for them. And sometimes, pen drives becomes essential for any work progress. But it is possible for the office authorities to educate the users on the use of pen drive while taking data to their home out of the office or bringing any data to the office.
Lock desktop security:
Many companies are adopting the security policy of locking the computer automatically when not in use for a few minutes. Though it is a perfect alternative, using a pen drive or misuse of data are possible when the computer is unattended by someone. The interval of locking can be reduced in a high risk environment. In a workstation with access to sensitive data the lock desktop can prevent misuse of pen drive to a large extent.
Rigorous anti-virus policies:
The company or the corporate authorities should configure antivirus software to scan and detect every attached drive and removable media. The users of every interface should be trained to scan the files before opening them. This can reduce the effect of the virus in case it is transmitted through a pen drive.
Restriction of USB ports:
In the corporate environment or any other place the USB ports of the desktop computers can be made disabled to prevent the use of pen drive by the outsiders. In place of the USB port, the legacy port can be used for using the peripherals. Even software can be used to restrict the access of end user to the I/O devices and many other plugs and play devices.
Use of secure devices:
Companies should take care of issuing only secure devices to the employees and also these devices should be approved to purchase. The users having potential access to sensitive data should be allowed the devices with security features and they should be trained to use all the security features.
Educating the security personnel:
The security personnel of a company must know how a pen drive looks like and what dangers it can cause if it is with a miscreant. Any unauthorised person in the company premises with a pen drive should not be ignored. Rather, legal steps can be taken to seize the device.
It is barely possible to work in any corporate environment without the help of a pen drive. But looking at the scenario, where the large business sectors are facing potential threats due to pen drives everyday, some of the above security measures can be adapted to, at least, reduce the hazards of misusing pen drives.