USB drives have somewhat of a sordid past. While they have enabled countless people to conveniently transport data, they have generally been considered to be an enterprise security risk because of how easily they can be lost. A recent discovery made by security researchers regarding USB drive technology, however, has found that there is greater cause for alarm besides the possibility for misplacement.
USB drives have been revealed to lack security on a fundamental level. In reality, these devices are comparable to digital hypodermic needles – they easily contract malware that can then be distributed to every machine they are subsequently plugged into. Using a strain of malware known as “BadUSB” that was developed specifically for the experiment, researchers Karsten Nohl and Jakob Lell uncovered inherent, un-fixable flaws in the design of USB sticks.
“These problems can’t be patched,” said Nohl to Forbes contributor Gordon Kelly. “We’re exploiting the very way that USB is designed… You can give it to your IT security people, they scan it, delete some files, and give it back to you telling you it’s ‘clean’ but the cleaning process doesn’t even touch the files we’re talking about.”
Discovery will not deter employees from use
While the easy thing to do would be to ban these devices outright in offices, this is a task often easier said than done. The consumerization of IT has shown employees that they don’t need tech staff to help them manage many of the machines and software they use on a daily basis. The unfortunate reality of the situation is that there is no way to enforce regulations of this nature.
But this does not mean that organizations can just give up and let workers do whatever they want. Companies need to have rules and training in place that will help foster positive habits. But there are always going to be a few people who believe that they are the exceptions, or even that just doing it once won’t hurt anything. Because the chance for inadvertent infection is still so high, other measures will need to be taken.
System restore software an effective line of defense
Any security strategy worth its salt has more than one form of protection and this goes double for cyberdefenses in the workplace. Advising employees on proper use of technology within the company is a start, but various kinds of software are going to be essential in order to cover the most bases.
Thankfully, Faronics has a wide variety of products that can be used to address the mounting threats. Users while working on computers inadverdently download files from a USB drive containing malware or similar unwelcome files. Therefore, computers systems need to be rectified, reimaged and/or reformatted manually, which is a time consuming process.
In order to ensure minimal downtime and maximum protection from modern threats, businesses should make Faronics Deep Freeze a cornerstone of their defense strategy. Deep Freeze freezes the system settings, allowing them to be automatically restored after a reboot. This not only neutralizes different threats, but also allows employees to handle their own issues without bothering the IT department. In turn, IT will have more time to handle company-specific concerns.
In the modern day, security issues are not a possibility – they are inevitable for everyone. It is important to recognize this and take the necessary precautions before a breach occurs.