A new study has discovered that the majority of those working with USB sticks in order to transfer and store data do not properly secure these portable devices using encryption.
The study was not carried out over a general, mixed discipline selection of employees, but rather it focused specifically on IT security professionals, which makes the findings all the more troubling according to some.
Credant Technologies polled 277 professionals and discovered that 89 per cent of respondents did not regularly employ measures as simple as basic password protection when using USB sticks.
Respondents said that in 67 per cent of cases they were transporting business secrets relating to intellectual property on unsecured USB drives, with customer data being inadequately protected in 40 per cent of cases and personal information relating to employees making up the smallest proportion, with just 26 per cent transporting it on USB sticks.
A total of 52 per cent said that there was no form of encryption on the USB sticks used regularly by themselves and their co-workers, suggesting that there is still a great deal of complacency in relation to data loss, even amongst those professionals who are specifically tasked with managing this sensitive area.
Credant Technologies’ Sean Glynn believes that there needs to be greater awareness as to the risks associated with unencrypted portable storage devices, particularly since it is relatively inexpensive to ensure that data is properly protected when transported in portable form.
USB data security expert Anders Pettersson said that it would be relatively easy to convince IT professionals to adopt a more secure approach to data storage, but that getting the message across to those who are less technically proficient in different departments of a business could be where the real challenge lies.
Mr Pettersson believes that some IT security professionals are concerned about the potential backlash they could face if they alter current policy and create a safer working environment with widespread USB encryption, or even alternative methods of data transfer. However, he also indicated that there was a general move towards improved security measures and total encryption which is positive for the future.