A study conducted by the Ponemon Institute in Europe has revealed that organisations are ignoring the risks associated with USB drives. France and Poland are most at risk while Germany is least at risk with 62 percent of organisations admitting they have adequate USB security policies.
A Study conducted by the Ponemon Institute in ten European countries shows that many organisations are ignoring the risk of unencrypted USB drives and don’t have appropriate USB security policies. The research also denotes marked differences between participating countries in their approach and implementation of USB drive security.
The European study, an extension of an earlier study conducted in the United States, was conducted on behalf of Kingston Technology to gain insight into how organisations manage the security and privacy requirements of data collected and retained on USB drives. The study confirms the pressing need for organisations to adopt more secure USB products and policies. A total of 2,942 IT practitioners with an average of 10.75 years of IT or IT security experience in Denmark, Finland , France, Germany, Netherlands, Norway, Sweden, Switzerland, Poland and the United Kingdom were surveyed and all acknowledged the importance of USB drives from a productivity standpoint. Across Europe, 71 percent of respondents confirmed that their companies do not have the technologies to prevent or quickly detect the download of confidential data onto USB drives by unauthorised individuals. The statistic shows most organisations are disregarding the risks of using unencrypted USB drives, resulting in most companies ‚ 62 percent of those questioned ‚ having suffered a loss of confidential or sensitive data because of missing USB drives in the last two years.
When comparing individual European countries, perceptions and practices about the importance of USB security is highest in Germany ‚ with 62 percent agreeing that their organisation has an adequate USB security policy in place to prevent employee misuse. On the contrary, France and Poland are most at risk as a result of employees’ practices ‚ 85 percent of respondents in France and 83 percent in Poland say that employees use USB drives without obtaining advance permission to do so.
Evidence of widespread compromise is apparent:
¬∑ 75 percent of respondents say employees in their companies are using USB drives without obtaining advance permission to do.
¬∑ A staggering 63 percent of respondents confirmed employees lose USB drives without notifying appropriate authorities all the time or very frequently.
¬∑ France, UK and Poland have the highest rate of data breach as a result of a missing USB drives.
“At Kingston we believe a lack of oversight, education and corporate confusion are factors that lead to the overwhelming majority of data loss when it comes to USB Flash drives,”” said Jim Selby, European Product Marketing Manager at Kingston Technology.”” Organisations fear that any attempt to control a device like a USB is likely to be futile and costly, both in terms of budget and loss of productivity. However, a simple analysis of what a company needs and the knowledge that there is a range of easy-to-use, cost-effective, secure USB Flash drive solutions can go a long way toward enabling organisations and their employees to get a handle on the issue.””
‚This survey has made it clear that attitudes toward USB security differ across Europe, but the overall findings underline how many organisations still lack rigorous and secure USB data protection policies, thus leaving a huge hole in corporate security strategies,‚ said Dr. Larry Ponemon, CEO of the Ponemon Institute. ‚Rarely a month goes by without another ‚confidential data lost on a USB drive’ story being reported in the press, so we hope the results of our survey acts as a wake-up call for European organisations.‚