While assessing cybersecurity risks for your organization, have you considered removable media? Removable media, like USB devices, are an often-overlooked piece of the cybersecurity puzzle. USB devices are small and can hold a lot of data which makes them useful to store and transfer information. However, USBs are easily lost and can be easily infected with malware. Take some time to review how your organization utilizes USBs or similar devices to ensure that your cybersecurity risk is minimized. 
Removable media safety tips:
- Ensure any data stored on USBs is encrypted. This is an important step if any company data is stored on USBs. It’s also a step that many organizations skip. But if the USB is lost or stolen, any information on the USB that’s not encrypted will be compromised.
- Train employees on USB risks. Employees need to know how to keep USBs with company information secure. It’s also important to train employees not to plug in any random USB into their computer. Sometimes criminals will install malicious software onto a USB and leave it somewhere, hoping to gain access to company data when an employee picks it up and plugs it in. Or the USB may contain malware that was on a previous user’s computer. It’s safest to turn in any random USB to the IT department.
- Establish a policy on removable media. Whenever possible, it’s best not to store company information on USBs or other devices. Develop a policy to minimize their use and establish procedures to keep all USBs secure. Ensure employees are trained on these policies and procedures.
By taking these simple steps, organizations can further protect their sensitive data from being compromised through USB use.
Additional cybersecurity resources
Keeping devices safe with software updates
Defending your business against ransomware attacks
Crisis communication after a security breach
