Are you playing Russian roulette with your data?
How many of us go around taking risks that we are not even aware of? There was a study where researchers at the University of Illinois and University of Michigan dropped USB drives at random places and found that 50% of the drives was picked up and connected to a computer. If these drives had payload, then several computers would have been infected (https://mic.com/articles/140623/hackers-use-usb-drives-to-target-victims).
Do you know if your employee would be one of these 50%? Odds are you have at least one…
Doing a simple search on Google for USB hack, we find thousands of how to guides for creating password stealing, hacking and compromising computer systems. So, what can we do?
Training and communication with staff is critical to help protect your network. If someone finds a USB drive, make sure they DO NOT connect it to any of your computers. They can find a “techie friend” who can check it out. Or to be completely safe, have them discard it. USB drives are so low priced today, that it does not make sense to take the risk of reusing a drive we found in the wild.
If your company has protected health information or financial information, then you should have a USB drive policy as part of your employee manual. There are also ways to completely block USB drives from your network. Each business is different, so check with your staff. You should communicate often and effectively. This should help lower the risk of compromising your data and protect your business from a breach.
Luis Delgado is a father, husband, community resource, speaker, and entrepreneur who founded The Critical Update, inc (TCUINC) in 2003. TCUINC is a business and technology consulting firm that has evolved from basic computer support to affordable technology consulting, network management, outsourced IT and cybersecurity. Our clients are from every industry in Central Texas - for profit and not for profit.
Luis is focused on helping business owners create more jobs for Texas families by addressing compliance and productivity needs.