For employees on the move, USB sticks are handy and easy to carry. But that also makes them easy to steal or lose.
The memory stick is undoubtedly a great step forward but lose it and the consequences could be serious.
Magnus Ahlberg, managing director of Pointsec Mobile Technologies, said: ‘The advantages of using a small memory stick, compact flash (CF) card or digital camera memory card are enticing.
‘Gone are the days when you had to lug your laptop around with you on every long journey or on spells away from the office.
‘Just attach a USB stick to your key ring and you can carry all the documents you could ever need without that heavy, cumbersome laptop forever being in your shadow.’
A whole range of information is stored on a memory stick, ranging from extensive databases to reams of documents, and as they are so portable – most measuring only a few centimetres long – they could easily end up in the wrong hands.
For less than £200, memory sticks with four gigabytes-worth of storage can be readily purchased. If a careless employee managed to lose the device, the entire contents of an office PC could be given away.
Ahlberg said: ‘The harm to your business posed by information loss is not simply financial or operational.
‘There are also the legal liabilities of information carried away on removable media. If a disgruntled employee decides to leak out information on your customers, you could find you are in for a very big libel suit as well as significant damage to your company’s reputation.
‘You could also find the entire contents of your bank account emptied or even have your identity stolen. These scenarios are very real and have the potential to be incredibly damaging.’
The security threat of issuing drivers with memory sticks needs to be addressed by fleet or IT managers, according to Ahlberg, who has produced a series of criteria to improve security across the office.
Five-point plan for using USB sticks without putting your firm at risk
However, you should introduce removable media into your security policy and make sure that everyone on your staff reads and signs the policy. Also, explain to your staff what actions will be taken if the policy is ignored.
(Source: Pointsec Mobile Technologies)