Data concerns regarding USB drives

Handling growing reams of information has been one of the challenges facing the business world in the past few years as servers have stored ever-increasing volumes of records and data has become far more mobile than ever before.

With documents now stockpiled everywhere from computer hard drives to smartphone devices and remote cloud servers, security has also been an issue as companies are required to protect their confidential documents, both by law and as a means to safeguard business continuity.

But while backing up files is a good way to prevent any problems arising and data protection methods can help companies defend against thieves looking to steal sensitive information, Australian company RailCorp has moved to stop selling lost-and-found USB keys as it has emerged personal details could still be obtained from the devices.

According to reports, a 2011 Sophos study found that while the organisation had been taking steps to 'clean' the drives before selling them on, the data stored on them had not been encrypted and so could easily be recovered.

"The most shocking thing was that not one file on any of the keys we bought was encrypted - even those files which contained personally identifiable information or proprietary information from work," wrote Sophos' Paul Ducklin.

Also included in the results of the investigation - which saw Sophos purchase a number of USB keys at auction and scrutinise their content - was that malware was found on two-thirds of the devices, revealing that Railcorp's techniques for wiping data off the drives was failing to protect past owners.

Following the findings, the company has explained that it will now destroy all USB devices that it finds rather than selling them on, and the hope will be that the business's past sales have not resulted in people's sensitive information falling into the wrong hands.

• Security firm warns mobile malware is on the up

  

  15th May 2013

  Thanks to the convenience of tablets and smartphones, many businesses are now allowing employees to use them outside the office to do their jobs wh...

• Solihull Council finds BYOD works well for its staff

  

  13th May 2013

  Lots of companies have begun trialling 'bring your own device' (BYOD) programmes over the past few months and many are already finding it offers lo...

• Workers failing to secure sensitive data

  

  10th May 2013

  Many workers are inadvertently leaving their company vulnerable to a data breach, a new study has revealed.

  According to research by Modis, 50 per ...