When Data Goes Missing Will You Even Know?
Lam1969 writes "Jack Gold says IT shops may have a huge problem on their hands, and probably don't even know about it. The problem is USB flash drives, which he predicts will probably reach 10 GB in capacity in three years, and the lack of policies to guide use of them by employees. From the article: 'With more and more employees using flash drives, smart phones with Secure Digital memory cards, portable hard drives, etc., the likelihood of companies actually knowing about all instances of data loss is declining rapidly. And as a result, the possibility of companies breaking laws, whether for data-loss disclosure or regulatory compliance, is growing dramatically.' Gold predicts 'at least one publicized major case of unencrypted data loss from a portable device' in the next year, which will result in many companies banning these kinds of devices."
We already hear about it (Score:5, Informative)
Will it be more prevalent? Maybe. But it already happens. Now, the question is, is there a program that can encrypt/decrypt an entire (relatively) small drive with some sort of key system or something? I think that will be the most logical step to protect small drives like these.
Uh, you can turn off USB drive access in Windows.. (Score:5, Informative)
What the article probably meant to say is that sloppy security practices, combined with increasing personal storage, increase the risk of unknown data loss.
You can lock down a Windows box just fine against casual and accidental leaks if you know what you're doing, and you have a corporate policy to enforce. You can even prevent deliberate attempts at data theft, if you really want to be a hardass.
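One way to check the lockdown the comment above describes, as an added example that is not part of the original thread. It assumes the two standard Windows registry locations for this (the `USBSTOR` driver service and the removable-storage Group Policy key), neither of which is named on the page, and an elevated prompt when `-Enforce` is used:

```powershell
# Added example: audit, and optionally enforce, USB mass-storage lockdown on one host.
# Registry locations are the standard Windows ones, not taken from the thread.
param([switch]$Enforce)

$usbstor = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
$policy  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices'

function Get-RegValue($Path, $Name) {
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function Get-UsbStorageState {
    $start   = Get-RegValue $usbstor 'Start'     # 3 = load on demand, 4 = disabled
    $denyAll = Get-RegValue $policy  'Deny_All'  # 1 = policy denies all removable storage
    [pscustomobject]@{
        Computer       = $env:COMPUTERNAME
        UsbStorStart   = $start
        DriverDisabled = ($start -eq 4)
        PolicyDenyAll  = ($denyAll -eq 1)
        LockedDown     = ($start -eq 4) -or ($denyAll -eq 1)
    }
}

$state = Get-UsbStorageState

if ($Enforce -and -not $state.DriverDisabled) {
    if (Test-Path $usbstor) {
        # Stops the mass-storage driver from loading for newly attached drives.
        # Keyboards, mice and other USB device classes use different drivers.
        Set-ItemProperty -Path $usbstor -Name Start -Value 4 -Type DWord
        $state = Get-UsbStorageState
    } else {
        Write-Warning "USBSTOR service key not found; nothing changed."
    }
}

# Emit the state object so results from many hosts can be collected and compared.
$state
```

A local registry change can be reverted by any local administrator, so on a domain the same setting is normally pushed through Group Policy and this script is used only to report which machines are not locked down.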
Re:data has walked out the door before. (Score:5, Informative)
No need for "afterward". Most companies that are extremely interested in protecting data (such as a large
It doesn't take a smart company to figure out that you don't want Billing.mdb on a floppy. USB is really no different.
not just USBs.. (Score:4, Informative)
Since 3/4 of you aren't going to RTFA... (Score:4, Informative)
So to clue you all in:
The article is not about people stealing sensitive data from their workplace using their USB drives. The article is about people losing data, because they've lost the USB drive they had it stored on.
Data loss (no backup) or data theft (stolen disk)? (Score:3, Informative)
For the first problem (Data loss due to lost or corrupted disks), which seems to occupy the majority of the article, the solution is easy. Back up your data from your portable storage as soon as you can easily access the mainframe. How long does a differential/incremental backup take? 10 seconds? 2 minutes? A piece of data existing in the portable disk, the mainframe, and the backup tapes is much harder to lose.
For the second problem (Data theft due to lost disks), encryption works well. To discourage data theft due to lost disks, a simple, easy-to-use on-the-fly encryption on the portable storage device can help tremendously. The solution has to be simple because if it is a few mouse clicks too many, employees will try to circumvent the hassle.
Re:U.S. Military Rules. (Score:2, Informative)
For MSE at least, we maintain the concept of least privilege. Simply put, everything has a classification level, from unclassified/FOUO, confidential, secret, top secret, and up. You do not mix and match equipment with varying security levels. If a laptop is rated unclassified, it will not go on the SIPRNET (secure network). In addition, a device carrying sensitive information is classified at the highest level of the information (i.e., a CD-R burnt with Secret and Unclassified documents is now rated Secret, and will be handled as such.) This is how we protect data: determine the security rating, ensure that the boundary safeguards are respected, and treat all data in accordance with preexisting regulations.
From my experience, flash drives are the most viable portable media aside from paper. When my unit deployed to Iraq in 2003, we discovered that: 1) floppy disks were rendered unreadable by heat/dust within two months, and that CDROM drives usually died after 6-9 months of exposure. The second time we deployed, key leaders (and friends of the supply sergeant
Re:A little epoxy will fix that right up. (Score:4, Informative)
rm -rf /lib/modules/2.6.n/kernel/drivers/usb/storage should do it.
Oh, right. Windows.
Encryption (Score:2, Informative)
Re:NSA policy (Score:3, Informative)
We only had a staff of about 20, so it was relatively easy to manage.
Oh, and the building was an old torpedo training facility. Solid concrete walls, but the roof was designed so that if there was an explosion, it would all go straight up. So it wasn't exactly safe to walk on - there was always the danger of falling through. Right into the secure area. Go figure.
-h-