The IT people at many organizations have many nightmares that may be keeping them awake at night. One of them is the fear that important data may find its way onto a flash drive, and then leave the company in an employee’s pocket or bag. With flash capacities reaching 256 GB or higher, the compromise of that much sensitive information can be devastating to a company. This problem is one that is being dealt with using best practices, company policies, and other measures to prevent ‘walking’ data.
While the act of writing sensitive data to a usb flash drive is often mediated by controls within a company, there’s another risk: what happens to the data if the flash drive is lost or stolen? This particular problem effects consumers and small businesses just as much – if that flash drive that you’ve stored credit card numbers on; or put financial information onto; or that contains other sensitive information that you don’t want someone else to see – what happens if THAT drive is lost or stolen?
The real question is this: what happens to the data if the flash drive falls into the wrong hands? The results could, of course, be costly and potentially disastrous. Company secrets, confidential employee records, or who knows what can be used to cause great harm.
While it’s virtually impossible to guarantee that such drives won’t be lost or stolen, it is possible to protect the data that is stored on the flash drives. A few methods that can protect the data on the drives are readily available:
- Bio-authentication (Biometrics)
- A combination of both
Encryption uses software, recorded onto the flash drive and run when the drive is inserted into a computer, that provides the key that is necessary to encrypt data written TO the drive or to decrypt data that is read FROM the drive. Without the key, the data on the drive will require tremendous time and effort to make sense of the data. There is software available that will prepare standard flash drives for encryption. The relatively simple process of installing the security software will protect the data on the flash drive.
Bio-authentication (also called biometrics) takes this even further. A series of drives from Imation, for example, has a fingerprint reader built on to the drive. Software loaded onto the drive runs when the drive is inserted into a computer. Once the software is configured and run – and/or the necessary fingerprint is read into the drive, it’s ready for use. For future uses, unless the fingerprint submitted matches the one stored on the drive, the data will be unavailable.
A wide range of standards have been developed for encryption. These include the Federal Information Processing Standards (FIPS), the Advanced Encryption Standard(AES) and the Defense Encryption Standard (DES), which the AES has largely replaced. Encryption can be done in hardware or software, and a variety of encryption levels can be implemented.