Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Companies see risk of removable media but still turn a blind eye

In spite of knowing that removable media as media players and USB memory sticks are insecure, most IT professionals still don't use any security technologies to protect their mobile data.

June 8, 2006 - Pointsec Mobile Technologies, the global leader and the provider of the de facto standard for enterprise security software for laptop and desktop PCs, PDAs and smartphones, today published results from a survey on the use of removable media among IT professionals.

The survey is conducted for the second year in a row and shows that the number of IT professionals who use USB memory sticks, digital media players and external disks, has doubled compared with last year's results. That is in spite of the fact that many of the surveyed IT professionals know that storing corporate information on a removable media poses a security risk.

The survey this year was conducted amongst 248 IT professionals in the United Kingdom (many of whom are IT security managers). 66 percent of those who use removable media have no security policy for removable media. 65 percent are aware of the security risk associated with that kind of media that could easily get lost or fall into the wrong hands.

56 percent of the surveyed are using their mobile storage devices to store corporate information such as contracts, proposals and other business documents. 22 percent use them to store their customer's name and addresses. Three percent store passwords and bank account numbers on removable media. Most of them, 70 percent, use removable media to store downloaded music files.

Only 21 percent have some security in place on their media, such as password protection or encryption. 12 percent are banning the use of removable media in the company.

- The use of mobile devices and removable media such as USB memory sticks has increased enormously, not only in the home but also at work. The devices are small and cheap but they are ticking security bombs if they're not secured properly, said Peter Larsson, CEO of Pointsec. But instead of banning such devices at the company there are other solutions that will keep IT security managers happy. The importance of securing removable media has increased after the implementation of legislation frameworks such as Sarbanes Oxley and Basel 2.

To secure your company from the security implications associated with removable media and mobile devices Pointsec recommend that you:

  1. Deploy user mobile guidelines or ensure that your corporate IT security policy includes corporate directives that state the importance of proper handling of mobile devices such as removable media.
  2. Ensure that all members of staff are aware that their employee does not allow non-company devices to be used within the company network.
  3. Use encryption software such as Pointsec Media Encryption which enables centralized policy enforcement of strong encryption of all data stored at mobile devices and removable media.
  4. Have methods in place which enables encrypted data to be decrypted in a controlled way outside the corporate network.
  5. The encryption process should be transparent and quick to the user, so that it does not interfere with their work or put any extra requirements on the user.
  6. Have methods (independent of the end user) which enable decryption of all encrypted data within the company network.

About Pointsec
Pointsec is the worldwide de facto standard for mobile device security – with the most customers deployed, highest level of certification and more complete device coverage than any other company. Pointsec delivers a trusted solution for automatic data encryption that guarantees proven protection at the most vulnerable point where sensitive enterprise data is stored – on mobile devices. By securing sensitive information stored on laptops, PDAs, smartphones, and removable media, enterprises and government organizations can protect and enhance their image, minimize risk, shield confidential data, guard information assets, and strengthen public and shareholder confidence. Pointsec's customers include blue chip companies and government organizations around the world. Founded in 1988, Pointsec Mobile Technologies AB is a wholly owned subsidiary of Protect Data AB, publicly traded (PROT) on the Stockholm stock exchange. The company has two U.S. offices, nine EMEA offices, two APAC offices, two offices in India and one office in Dubai, Middle East. Pointsec can be found on the web at: www.pointsec.com.