Education Yes, But What Else Can Be Done To Help Prevent Sensitive Data Breach on Flash Drives?
When Flash Drives first came on to the market, they were a "dream come true" for companies and organizations. They made an incredibly easy way of transferring data back and forth from one computer to another with very little fuss, making them one of the most widely-known means for transferring information. As technology expanded over the years, the amount of data these tiny, two-inch devices could carry grew in leaps and bounds. Now they can hold more information than an entire desktop computer could just a few years ago. But this dream can easily become a horrible nightmare to a medical facility or organization if a flash drive containing lots of important, sensitive data gets lost by a staff member or stolen.
Just recently, an article on Becker's Hospital Review, explained that a USB flash drive containing sensitive information about its patients at the University of Rochester Medical Center was lost in its outpatient orthopedic facility.1 This scenario is sadly not a unique one; as this scene repeats itself over and over again by hospitals, businesses and organizations all across the country and the globe. But is the issue of blame with the flash drive itself?
The article went on to say that the organization is "re-educating faculty and staff about its policy that requires the use of encrypted drives when transporting protected health information on flash drives." But is education enough?
Organizations Need to Consider the Bigger Picture
Establishing a policy that requires staff to use only secure, hardware encrypted flash drives is a good start to help prevent scenarios like this, but companies and organizations have more powerful, affordable options today than ever before, to take a much more enveloping approach to protecting data. Companies that are serious about protecting sensitive information will work around human error and take even stronger precautionary steps to prevent the data from getting into the wrong hands.
What Others Have Done to "Protect Data"
In one unprecedented measure, some organizations have taken the approach of an outright ban of USB flash drives altogether. Although this "throw the baby out with the bath water" approach might prevent the loss of data through a flash drive, it certainly does not bode well with convenience, especially in a commerce driven by the necessity to quickly transfer data in order to conduct thorough business.
Others have resorted to the exclusive use of Cloud technology to store and transfer data, but this requires a constant connection with the internet, can become costly, and leaves businesses with some well-founded uncertainties. Reports of cloud storage shut downs or glitches have left organizations vulnerable at a most crucial moment, with no access to their information. Data breaches are unfortunately more common than we realize among some less reputable cloud storage services, which begs the question, where exactly is the data really at, who has access to it, and where is it going anyway?
Flash Drives do serve a great purpose, number one of course being their convenience. The second is their flexibility, and the third is the confidence of knowing exactly where your data is. Regular unencrypted flash drives are great for carrying around everyday information that you wouldn't mind others knowing about, like marketing videos for your company for example, or a recipe of your favorite dish.
But most staff and employees carry important information around that is much more sensitive to an organization, and all precautions must be taken to protect that information from getting into the wrong hands. Educating staff and employees about the use of hardware encrypted drives is good, but for an organization to really make an effort, they need to look at an even bigger picture.
Why Secure, Hardware Encrypted Drives Are a Good Start
Hardware encrypted flash drives are a good start for providing the protective safeguards necessary to conduct good business with the convenience of transferring data. Make a policy in your organization that only hardware encrypted drives are allowed for business use. Kanguru's Hardware Encrypted Secure Flash Drives lock the information down under full password protection using military grade technology, including limited password attempts, so even if an intruder tries to tamper with the drive, it will be disabled and the information rendered inaccessible. If an encrypted flash drive were ever lost or stolen, no one else can access the information, and any potential breach of data is brought to an abrupt halt.
But Kanguru's secure flash drive defenses do not stop there. Kanguru's Defender Series contain a barrier against another notorious enemy; viruses, spyware or malware. On each Kanguru hardware encrypted drive, onboard anti-virus protection constantly scans the device and warns against invasion, providing further protection of your data from within.
Kanguru secure drives also contain brute-force protection, so if a savvy thief were to attempt to break into the device physically, the information would be rendered unusable, once again preventing access to the data.
Using Kanguru secure, hardware encrypted drives is a good start to securing information and complying with data security regulations, but what other steps can be taken to circumvent human error, and provide even stronger protection? For that, Remote Management of secure USB drives is the answer.
The Bigger Picture: Remote Management of Flash Drives
If organizations really want to get serious about preventing a sensitive data breach, remote management is the answer. Organizations and businesses whether large or small may have hundreds of flash drives popping in and out of their computers on a daily basis. Remote Management is the key to tracking these drives and protecting the entire network from vulnerabilities.
With Remote Management of secure devices, a business owner or administrator protects the network from within, by restricting what type of drives can be connected to computers, and even restrict use to certain IP addresses or domains outside of the organization. Flash drives and other USB devices can be managed from, and to anywhere in the world through either a self-hosted, or cloud interface, tracking their locations, disabling lost or stolen drives, notifying users of policy updates and enforcing password rules. Remote Management is the "all-in-one" solution for managing sensitive data on portable units anywhere.
All told, taking a much more enveloping approach by restricting use to hardware encrypted devices and managing them with a remote management system is the best precautionary measure an organization can take to make USB devices safer and comply with data protection regulations. Making a smart investment now can prevent harmful, expensive, and even embarrassing data breaches in the future. Kanguru would be happy to talk with you about finding the best affordable security solution for your organization, whether it be secure, hardware encrypted drives or a Remote Management system. Contact us at firstname.lastname@example.org to learn more, or check out the range of options to fit your specific budget here, at kanguru.com.
1) From the article "URMC Notifies 537 Patients of Possible Data Breach", written by Anuja Vaidya; Becker's Hospital Review, May 7, 2013