Lax USB stick security causing havoc

Security professionals routinely carry around portable storage devices loaded with sensitive work-related data, potentially putting company information at risk.

According to a straw poll carried out at Infosecurity Europe last month, 90 per cent of the 12,000 attendees routinely carried portable storage devices.

SmartLine, a developer of network management and end-point security offerings, conducted a short survey on its stand.

"Ninety per cent of our visitors were carrying USB sticks, MP3 players, mobile phones with a memory card, digital cameras or some other storage gadget, " said Sacha Chahrvin, managing director for UK & Ireland at SmartLine.

"If they are representative of Infosec's visitors as a whole then nearly 11,000 had such a device on them. We calculated that there were just under 22,000 devices in total wandering around at Infosec."

The survey also showed that 80 per cent of visitors believed their company had lost valuable confidential data through the use of these devices.

Of the 20 per cent who were confident that their data was safe from rogue USB sticks, only one did not use such devices at work.

"The security experts who visited our stand were very honest, and most admitted to a security breach. My concern is that the remaining 20 per cent are just kidding themselves," said Chahrvin.

"Our survey shows that these devices are extremely popular. Only 10 per cent of people did not have one on them, and everyone who took part in the survey owned at least one such product, even if they hadn't got it with them.

"Although these gadgets are designed to be perfectly harmless, it does not take much for them to become a major security headache. It is all too easy to use them to siphon off valuable data.

"Even legitimate users can simply lose the device, or have it stolen. Organisations need to ensure that they have the right security measures in place to protect themselves from this type of data leakage."