The nature of business information technology is at a crossroads. On the one hand, pressure to enforce good corporate governance, secure sensitive information and meet compliance mandates would seem to demand ever-tighter controls. On the other hand, the need to respond to new business opportunities, to collaborate with a greater number of partners more closely, and the emergence of new technologies are placing unprecedented strain on existing security processes and practices.
One of the most commonly cited areas where these two opposing waves meet is in the area of control over user-owned devices that may hold sensitive or proprietary data. This problem has become acute as the storage power of removable media such as flash drives and portable hard drives has rapidly outstripped the security controls designed to manage them.
This two-part whitepaper will address some of the best practice approaches that you may wish to evaluate and potentially adopt in order to reduce the risk of USB devices becoming the source of a significant leak or virus infection.
Part one will discuss the nature of the challenges facing organizations such as yours, that wish to reduce the risk of a data breach caused by the unmanaged use of removable media such as USB flash drives. It will also discuss how to begin to address these challenges, from building policy to educating users.
Part two will address the various controls that can be put in place, discuss which are appropriate depending on the type of information you wish to secure, and also provide guidance on an idealized solution.