Data Security: Lowering the data leakage risk of USB usage

Posted on February 17, 2009. Filed under: Information Security | Tags: , |

February 17, 2009 by George John. T, Information Security Advisor

The ubiquitous nature and growing capacity of computer-removable media — USB hard drives, thumb drives and similar devices — puts the confidentiality, integrity and availability of corporate information at risk. Many organizations still do not include USB storage in their information security policies, and few security managers actively monitor or prevent their use by employees. Organizations need a security strategy that is both flexible and adaptable to deal with the evolving capabilities of these removable media devices.

Regulatory compliance has served to highlight the need to address the security issues created by the increased use of computer-removable media. The focus on risks related to “information leakage” through USB drives of all sorts is heightened by regulations and industry information security initiatives, such as the Payment Card Industry Data Security Standard for credit card companies and merchants.

In the United States, laws such as the Gramm-Leach-Bliley Act for financial companies and the Health Insurance Portability and Accountability Act for healthcare providers and insurers are putting pressure on companies to safeguard personal information stored on computers — or face penalties for security failures.

Managing the risk presented by removable media has proven to be difficult for both security professionals and end users because the same features that contribute to the popularity of these devices create a complex security problem. The easy compatibility, small size and high capacity of these USB storage devices require both technical and procedural solutions.\

Many Organizations in Research & Development, Banks, Government Agencies, Defense Sector, etc face the threat of USB through-out their work environment. Due to these factors, these Organizations block/restrict such USB devices due to “Security Infringement”.

In my experience dealing with clients of all sizes there seems to be a prevalence of point solutions.  Tactical solutions such as disabling or locking down the USB ports may provide a marginal improvement in security, but they do not address monitoring in situations where USB access is required by the business.  Tools that facilitate the management and reporting of such usage, when aligned with an overall policy regarding the acceptable use of removable media, provide the most effective basis for managing this risk.

Trinity Future-In Pvt. is an innovator in bringing state of the art, affordable services and solutions to assist companies in managing and securing systems using USB devices and various other online security solutions and services.  Various Features of the USB based Solution is as follows: –

  • Control Usage of USB across the network
  • Manage USB Registration for Use
  • Server driven USB registration
  • Block usage of Unauthorized USB
  • Server Based Management by Admin user
  • Writing Permitted in authorized systems only
  • Support to concurrent users while writing
  • Authentication at USB access in the network
  • Authentic log with machine details at every access.

Trinity’s mission is to provide outstanding security services using it’s Properitory Technology and security management. To find out more, please visit http://www.trifuturein.com

Contact:  George John. T
Trinity Future-In Pvt. Ltd
georgejohnt@trifuturein.com
(91) 80 25596288

Advertisements

Make a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: