The risks of USB devices in times of teleworking
The risks of USB devices in times of teleworking

It is not strange to save information on a USB to be able to work from home. What is bizarre is having an encrypted portable memory that ensures that no unwanted person sees sensitive company information. 

The telework has been introduced into an important part of Spanish households since last Saturday the alarm status and with it, the obligation to adopt this way of working in jobs that they admit are ENACTED. However, not all companies had adopted teleworking in their workforce before the crisis and therefore were not prepared for it.

Precisely, the speed of the firms in adapting their employees has caused them to forget about a relevant aspect: cybersecurity. Or at least, those companies in which workers have stored important information on a USB device to be able to work at home during the period of quarantine.

Pedro González , director of business development for Kingston in Spain, explains this to IPMARK . “The problem we have seen is that some companies are giving information or applications that employees have to use through normal USB without taking into account that one of the main security breaches comes from this type of device.” Among them, the fact that they are lost quite frequently or that a worker uses the same for both work and personal matters.

Read More: SEO Interview Questions and Answers

In this sense, González remembers that these devices, as with a cloud system or a CRM, must have a series of security requirements. Not only because of the need to comply with the General Data Protection Regulation (RGPD) – the standard itself establishes the obligation to notify the loss of a USB device – but also “for the security of the company itself.”

Read More:   Can Your Enterprise Benefit from No-Code AI?

Specifically, corporate USB devices have to incorporate encryption. There are two ways to do this: by ‘software’ encoding or ‘hardware’ encoding . In the latter case, the encryption is executed by the device’s own internal memory and they are, in González’s words, “extremely secure” because they are managed through a console. This console gives access to information and, by operating directly on the device, “does not generate any installer or waste on a machine or an operating system.”

Although there are also USB flash drives that, as in the manufacturer’s DT2000 model, have a keyboard on the device itself to enter the password it incorporates. Thus, “if someone loses it and another person finds it, there will be no problem because it will require the password,” explains González. The intruder will have nine attempts available. At the tenth, the USB formats the information it contains.

More security doors

In any case, a corporate USB device will not always require such encryption. Only in those events in which an employee saves critical information for the company. Similarly, there are other methods of working safely from home. González cites the cloud , a hard drive with encryption or a laptop with antivirus .

Although he warns: “As much as you have security or encryption software inside a laptop, if you take the data out without encryption and put it in a USB stick, you already have that door open.”