According to the United States Government Depart of Commerce National Institute of Standards and Technology (NIST), a removable media device or portable storage device is:
“A system component that can communicate with and be added to or removed from a system or network and that is limited to data storage—including text, video, audio or image data—as its primary function (e.g., optical discs, external or removable hard drives, external or removable solid-state disk drives, magnetic or optical tapes, flash memory devices, flash memory cards, and other external or removable disks).”
Why are these portable hard drives, USB flash drives, memory cards, or other formats important to consider when it comes to cybersecurity? Because in business they are constantly used to share information among team members and that means that they also provide an easy way for data to be stolen or lost. And ease of use among employees means that they provide cybercriminals with a way of dispersing dangerous malware as well.
Considerations When Using
If your clients are using removable media, encourage them to remember the following:
- Keep the devices safe and secured when not in use
- Encrypt the devices for safeguarding data
- Have a backup of the information that you are storing, and keep it in a secure location
- Device failure can result; these devices are not often designed for long life spans
- Alert you to any lost devices
- Never use unapproved removable media on work equipment
- Keep personal information off removable media that is used for professional purposes
- Turn in all removable media when they are no longer being used or need to be wiped clean before reusing
If your clients should find removable media devices, remind them:
- DO NOT install the device into their machine
- DO NOT click on any links that they find on the device
- DO turn the device over to you for evaluation
These devices should be addressed with the same care and policies that a laptop or mobile phone is regulated with. A single record or bit of data can compromise a business if found or misused. Ensuring that your clients are aware of these risks with tools like our Baseline Employee Cybersecurity Assessment (BECA) will keep their businesses safe and secure from online crime!
