Smart and Removable Disk Encryption

Why worry about Smart and Removable Device Encryption

There are many advantages to using removable media, chief among which is the quick and convenient means by which users can copy, transfer and backup data. This same ease of use is part of the problem, however, as malware is able to easily replicate and distribute themselves to unprotected removable storage devices rogue programmes can be easily spread around a network going from one machine to another all from one removable device!

Any time that an employee copies sensitive data to removable media such as a USB, there is a risk of that data being accessed by unauthorised people.

It is important to remember that once a device is no longer in your possession, you have no control over the data or who has access to it. Confidential information can then be transmitted to other parties or posted online for all to see. There are some devices and software applications that encrypt data on your device or media, giving you an added layer of protection in the event of your device getting lost or stolen.

Define a Policy

If you have removable media within your organisation the first step is to create a policy of acceptable use. The first step in the policy is the need to have a clear outline that explains the vulnerabilities of the company’s network, as well as the perceived risks that are associated with the use of removable media.

The next step is to clarify the purpose of your policy document. Here, you will explain what you wish to accomplish by having this policy in your environment so that users can understand what you are safeguarding by implementing these regulations. This is a great opportunity for you to encourage users to contact the IT department with any queries or concerns that they might have.

The policy will define when removal media can be used, and when it cannot. You must explain what data can be stored on such media, and how it must be copied. This is a good opportunity to explain anything from how to encrypt the information on the removable media, to how users must scan the media before it can be opened on their workstations.

Network-Wide control of media devices on machines can be deployed which will enforce:
• Encryption on any external devices plugged into a machine.
• Reject any unauthorised device being plugged into a machine
• Automatically scan the device prior to allowing any access to machine resources for malware or fileless attacks
• Totally disallow any device from being plugged into a machines USB port

There is also the ability to have secure USB devices that will operate on any machine but within the USB operating system, it has its own encryption and malware monitoring services. These devices can have authentication either by traditional ID and Password or the more sophisticated option of fingerprint recognition.

There are many advantages to using removable media, chief among which is the quick and convenient means by which users can copy, transfer and backup data. This same ease of use is part of the problem, however, as malware is able to easily replicate and distribute themselves to unprotected removable storage devices rogue programmes can be easily spread around a network going from one machine to another all from one removable device!

Any time that an employee copies sensitive data to removable media such as a USB, there is a risk of that data being accessed by unauthorised people.

It is important to remember that once a device is no longer in your possession, you have no control over the data or who has access to it. Confidential information can then be transmitted to other parties or posted online for all to see. There are some devices and software applications that encrypt data on your device or media, giving you an added layer of protection in the event of your device getting lost or stolen.

If you have removable media within your organisation the first step is to create a policy of acceptable use. The first step in the policy is the need to have a clear outline that explains the vulnerabilities of the company’s network, as well as the perceived risks that are associated with the use of removable media.

The next step is to clarify the purpose of your policy document. Here, you will explain what you wish to accomplish by having this policy in your environment so that users can understand what you are safeguarding by implementing these regulations. This is a great opportunity for you to encourage users to contact the IT department with any queries or concerns that they might have.

The policy will define when removal media can be used, and when it cannot. You must explain what data can be stored on such media, and how it must be copied. This is a good opportunity to explain anything from how to encrypt the information on the removable media, to how users must scan the media before it can be opened on their workstations.

Options for enforcement

Network-Wide control of media devices on machines can be deployed which will enforce:
• Encryption on any external devices plugged into a machine.
• Reject any unauthorised device being plugged into a machine
• Automatically scan the device prior to allowing any access to machine resources for malware or fileless attacks
• Totally disallow any device from being plugged into a machines USB port

There is also the ability to have secure USB devices that will operate on any machine but within the USB operating system, it has its own encryption and malware monitoring services. These devices can have authentication either by traditional ID and Password or the more sophisticated option of fingerprint recognition.