When it comes to USB protection, there are largely two ways of protecting oneself from an information data breach:
The former allows an organization to keep the productivity gains from the easy flow of information while minimizing the risks of a data breach (e.g., a lost USB memory stick); port blocking software allows a company to limit internal data leaks. Let’s take a brief look at the first, the use of encryption.
USB Protection Via Encryption Software: File Encryption vs. Disk Encryption
When one talks of USB protection and refers to storage devices, it could be a reference to data security for media like CDs or something more robust–like external hard drives or USB flashdrives.
If full disk encryption is used, all the contents on the device are protected. This is an ideal data security scheme for external drives and USB memory sticks. Just having a file saved on that encrypted device means the data is protected. The downside is that, if you copy a file off that encrypted device to something else (say, a friend’s computer with no encryption), that file won’t be protected anymore. Likewise if you e-mail it or upload to a community site.
Also, it goes without saying, if an unauthorized person has access to that disk, he’ll have access to everything on that disk. So, very important that you use a strong password and keep it secret.
If file encryption is used, only the encrypted files are protected from data breaches. The benefit is that, no matter where it’s copied to, mailed to, or uploaded to, that file will remain encrypted and, hence, safe.
File encryption would usually be used on backup tapes, email attachments, CDs or DVDs, although it certainly can be used to secure individual documents saved on USB disks or internal hard drives–it’s just a matter of copying it over.
Full disk encryption is generally used for securing large capacity storage systems like hdd drives (external as well as internal) and USB memory sticks.
USB Protection Via Port Control
Port control software does what its name implies: it controls a computer’s USB ports. It can block certain devices from working when plugged into the USB port, allowing for better security of your data. Furthermore, the control is granular, so you could have two people plug in the same model of something, and have one work while the other doesn’t (e.g., my iPod is exactly like your iPod, in terms of hardware, but mine can transfer data to and from the computer. You can’t, per the USB protection settings.)
Is this necessary? Absolutely. Encryption is great if you’re trying to prevent (well, technically, minimize. As Franklin said, the only thing absolute in life is death and taxes) outsiders from getting to your company data, either due to carelessness (such as a lost USB memory stick) or theft (company break-in and theft of computers and servers).
But what your employees stealing or being careless with data? For example, an employee could bring his own USB memory stick to work, and use it for copying and transferring data. No ill will involved, just trying to be productive. Then one day, he forgets to delete confidential data…and where’d that darn thing go? Oops, data breach.
Fortunately, there is a way to prevent such scenarios from happening by engaging in port blocking.
Companies like AlertBoot offer encryption software as well as port control software, knowing that data security is not a one-shot deal. There are different ways for a data breach to occur, and it only makes sense to cover as many of them as possible. And, to make the process easier than traditional method, everything is done via a centrally managed encryption platform over the internet.