How to protect your USB stick

One business recently learned a tough lesson about data security. On a trip to Barcelona an employee’s backpack was stolen. Inside was a USB stick on which he had stored not only his personal passwords and banking information, but also confidential business information, such as network access keys, security codes to the building and pending contracts. Now his personal security and financial holdings company are at risk.

Everything that makes USB flash drives so convenient – their ease of use, high capacity, portability and low cost – are exactly what makes them vulnerable. That’s because they can be easily misplaced, “borrowed” or stolen.
Built in HP protection
High-speed USB is now a standard for modern flash drives, with capacities up to 16 GB not uncommon. Such quick and efficient access to, and portability of, information means you need to take security seriously.

Part of the HP ProtectTools security offering is the Personal Secure Drive. Built into our desktops, notebooks and workstations, this feature allows you to encrypt the data on your USB sticks using the TPM embedded security chip. Data protected using PSD can then only be read on the system that encrypted the data. And if your USB stick is lost or stolen, the information it contains cannot be accessed.

Another feature designed to secure confidential data is Device Access Manager. This allows you to protect your systems so that unauthorised users cannot insert USB sticks and copy data onto them.

Encryption solutions from companies such as SafeBoot allow for the encryption of data on USB drives. These drives can be used on any system if the user is authenticated. These solutions are portable, yet secure.
What you should be doing
Here are some measures you can take yourself in order to protect the data kept on your USB sticks.
Separate business from pleasure
Keep business and personal information separate. If you have a USB stick that you use to move personal files, such as music or photos, between computers, think twice before putting confidential business information on the same stick. These files are probably backed up on a home computer. Even if you lose them permanently, you’re not putting your business at risk. With sensitive business data, such as client information, you should take extra measures to ensure the safety of your information. Instead, have a dedicated business USB stick that you’ll handle with as much care as the sensitive information it contains deserves.
Protect it with code
Data encryption, or scrambling the data, is still a simple and smart way to protect data. Microsoft recommends creating and encrypting a folder to store the files that need extra protection. All files created or moved to this folder will be automatically encrypted. In Windows® XP and Windows® 2000, right click on the folder and choose Properties. In the General tab, click Advanced and check box “Encrypt contents to secure data.”
Protect it legally
Create a text file warning and load it on all company USB drives. The file should include a legal disclaimer stating that the information on the drive is confidential and protected by law.
Protect it physically
Many manufacturers are creating USB flash drives that also provide a physical security component. Some now come with biometric fingerprinting for authentication. Others have combination locks like a padlock or shred the data after a certain number of failed password attempts. Remember, not to leave your USB drive lying around. If the data on it is highly sensitive, lock it in a safe or at least a locked drawer when not being used or transported.
Access a secured network instead
Another way to reduce the risk of losing USB sticks is not to use them for data that is confidential, and cannot be replaced. For confidential data, a safer idea may be for companies to allow employees to access the company network remotely through a secure network. This way they do not have to carry confidential files around on a USB stick when they need to work off-site.
Link