Vulnerability management plans for employee flash drives

As the price of memory used in USB flash drives plummets, the capacities of the devices seems to grow at an equal rate, improving their usefulness across a range of applications.

In turn this makes the ubiquitous 'memory stick' something of a baseline commodity that is used in almost every industry to transfer data and documents from one machine to another without using wireless connection, content management systems or other digital options.

However, this same level of familiarity makes USB drives something of a target for malicious activities, both as a source of valuable details and as a point of injection for future attacks.

A common practice is to pick up a device, check it for information, and then return it with a hidden installer that activates when it is plugged into a victim's machine.

In response, many firms issue blanket bans on the use of such devices across their in-house facilities – the reasoning being that if no information is stored or received on flash memory sticks, there is no chance of them falling into the wrong hands.

While this approach may have its merits, it still pays to have vulnerability management plans in place should the potential for a security breach arise.

<br /