
SECURITY ON REMOVABLE DEVICES

  • July 19th, 2022

Removable storage devices, such as USB sticks, portable hard drives or memory cards, have become another part of our daily lives, almost as essential as a computer or mobile phone, but they are so small and discreet that we do not give them the level of care and security they require. How many times have we heard someone ask for a USB stick or hard drive to share a file, the latest report or a whole collection of materials with a colleague who has just joined the project?

Such practices can have unintended consequences if we do not take appropriate security measures, such as infecting the corporate network with some kind of malware. This infection could be unintentional, when a USB is shared between colleagues without knowing that it contains a malicious file, or be part of a deliberate attack on the company, as in the case of gifts that connect to the network or warshipping. For this reason, removable devices that are promotional items, or whose previous handling we cannot be sure of, should not be used in the workplace in any way, let alone tried out for the first time on a corporate computer.

Remember that at the University of Valencia, the use of removable devices is not recommended as we have storage spaces such as DISCO, nUVol, and also Microsoft's OneDrive.

The main risks of using these devices are misplacement, access by unauthorized persons to the information they contain, and malware infection. Here are some steps you can take to prevent possible security incidents:

If we are going to store sensitive or confidential information on an external device, we must always use corporate hard disks and USB devices that are duly protected with the appropriate security measures, as set out in the external storage device usage policy: encrypting the information, storing the devices in safe places and informing the IT department of any incident that may occur, such as theft or loss of the device.

We need to be especially careful with the highly sensitive information we handle, and add additional security measures to prevent this information from being extracted or stolen, by blocking the USB ports on computers that contain this type of information.

If we use a personal device (BYOD) to store non-confidential information (for example a corporate presentation, manuals or instructions for a product or service to show to a customer, etc.), for security, we must have the authorization of the technical manager and apply the same protection measures established for corporate devices, complying with the policies for the use of these means (encryption, secure deletion, etc.).

Establish periodic changes to the device access password and control read and write permissions.

Carry out frequent scans to detect any type of malware.

Register the external devices used within the company in an inventory that includes an identifier for each one, periodically checking their physical location and content, and preventing unregistered devices from being able to connect to any computer in the organization.

Whenever possible, verify that devices are safe and up to date in a test environment.

Use Data Loss Prevention (DLP) solutions.

Train employees to ensure proper use of these devices. Prevention and common sense are the main keys to avoid suffering a security incident due to misuse.
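The inventory measure above (an identifier per device, with unregistered devices flagged) can be audited on Linux workstations from the kernel's USB messages. This is an added example, not part of the original article; the inventory, asset tag, host names and log lines are constructed, and using the USB serial number as the inventory identifier is an assumption.

```python
import re

# Constructed inventory (hypothetical asset tag): USB serial number -> asset tag.
INVENTORY = {"4C530001230215117382": "USB-0012"}

# Constructed sample of Linux kernel USB messages as they appear in syslog.
SAMPLE_LOG = """\
Jul 19 09:14:02 ws-041 kernel: usb 1-2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
Jul 19 09:14:02 ws-041 kernel: usb 1-2: SerialNumber: 4C530001230215117382
Jul 19 09:14:03 ws-041 kernel: usb-storage 1-2:1.0: USB Mass Storage device detected
Jul 19 10:02:40 ws-017 kernel: usb 2-1.4: New USB device found, idVendor=090c, idProduct=1000, bcdDevice=11.00
Jul 19 10:02:40 ws-017 kernel: usb 2-1.4: SerialNumber: AA00000000001234
Jul 19 10:02:41 ws-017 kernel: usb-storage 2-1.4:1.0: USB Mass Storage device detected
Jul 19 10:05:12 ws-017 kernel: usb 2-1.3: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
Jul 19 11:30:09 ws-099 kernel: usb 1-3: New USB device found, idVendor=abcd, idProduct=1234, bcdDevice= 1.00
Jul 19 11:30:10 ws-099 kernel: usb-storage 1-3:1.0: USB Mass Storage device detected
"""

PREFIX = r"(\S+) kernel: (?:\[.*?\] )?"   # host name, optional [uptime] stamp
FOUND = re.compile(PREFIX + r"usb ([\d.-]+): New USB device found, idVendor=(\w{4}), idProduct=(\w{4})")
SERIAL = re.compile(PREFIX + r"usb ([\d.-]+): SerialNumber: (\S+)")
STORAGE = re.compile(PREFIX + r"usb-storage ([\d.-]+):[\d.]+: USB Mass Storage device detected")

def audit(log_text, inventory):
    """Return (host, 'vid:pid', serial, verdict) for every mass-storage attach."""
    pending = {}    # (host, port) -> details of the device currently on that port
    findings = []
    for line in log_text.splitlines():
        if m := FOUND.search(line):          # a new device resets the port state
            host, port, vid, pid = m.groups()
            pending[(host, port)] = {"ids": f"{vid}:{pid}", "serial": None}
        elif m := SERIAL.search(line):
            if m.group(1, 2) in pending:
                pending[m.group(1, 2)]["serial"] = m.group(3)
        elif m := STORAGE.search(line):      # only storage devices are audited
            dev = pending.get(m.groups(), {"ids": "unknown", "serial": None})
            serial = dev["serial"]
            if serial is None:
                verdict = "UNREGISTERED (no serial, cannot be inventoried)"
            elif serial in inventory:
                verdict = f"registered as {inventory[serial]}"
            else:
                verdict = "UNREGISTERED"
            findings.append((m.group(1), dev["ids"], serial, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, INVENTORY):
        print(*finding, sep=" | ")
```

The serial number is reported by the device itself, so this audit finds devices missing from the inventory but does not prove that a listed serial belongs to the genuine registered device.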

Another aspect to which we must pay special attention is the removal of the information contained in this type of device, as it is very common to use the operating system's delete commands without performing any additional action. However, this cannot be considered a safe form of erasure because the information is not completely deleted: with the right tools it is possible to recover data from a formatted device, or files after the recycle bin has been emptied.

Therefore, to get rid of the information permanently, with the certainty that no one will be able to access the data once it is deleted, there are secure deletion methods, such as physical destruction of the device, demagnetization, overwriting and cryptographic erasure. Depending on the type of device, it will be necessary to choose the most suitable erasure method.

Although these measures cover the protection of removable devices, we must not forget to also protect what they are attached to: the work equipment where we connect them. Disabling the autorun option adds an additional layer of protection by not allowing devices to perform any action when plugged in; otherwise these actions may not be reversible and may infect all computers on the corporate network.

In short, we can do all this and much more to protect the integrity of our data, but from here we invite you to run an awareness campaign in your company so that your team is not only aware of the existing risks but can also avoid them and act accordingly when faced with them. Prevention is your best ally.