Product Guides- Windows 7 beta shows off task bar, UI goodies
- How the yellow first-down line actually works
- Outlook '09
- Microsoft research projects to improve our lives
- Ballmer sets loose Windows 7 public beta
Linda Musthaler's CIO-level look at the latest networking technologies and their benefits and pitfalls.
Imagine yourself in this position. It’s Monday morning, and your task is to go to your lead executive to let him know that an ambitious employee who wanted to get some work done over the weekend just reported that her USB flash drive was either lost or stolen from her desk. The drive contains downloaded medical and financial records for 1,200 patients with HIV, AIDS and other medical conditions. The data stored on the drive is not password-protected or encrypted and includes the patients' names, medical record numbers, billing codes, the facilities where the office visits occurred and other billing information. It also included the patients' Medicaid or Medicare numbers, which can indicate their Social Security numbers or those of their spouses.
What a way to start the week, right?
The unfortunate thing is that this scenario really happened. In July 2008, an administrator at the Harris County (Texas) Hospital District admitted losing the USB drive with all that sensitive information. She simply wanted to catch up on her work at home over the weekend, and now the county department has a major data breach – as well as HIPAA violations – on its hands.
Could something like this happen in your office? Very likely, yes. In recent years, USB flash drives have proliferated; their cost and convenience make them extremely popular with office workers. You, yourself, probably have a handful of them in your desk drawer. I do.
SanDisk Corporation, a leading maker of those popular little USB flash drives, commissioned a study on the risks of unsecured flash drives. The study revealed some not-so-surprising insight:
* 77% of corporate end users have used personal USB flash drives for work-related purposes.
* End users report the types of data most likely to be copied to a personal flash drive include customer data, financial information,
business plans, employee data, marketing plans, intellectual property, and source code.
* 44% of corporate end users indicate their company does not have a policy that forbids copying corporate data onto a personal
USB flash drive.
* 67% of corporate IT managers are implementing or have implemented policies as a result of a data/security breach in their
organization.
It’s no secret that USB flash drives are a weak link in the data security chain. The SanDisk Enterprise Division is addressing that weakness by working with a variety of partners in the SanDisk Enterprise Solutions Technology Alliance (SESTA).
Linda Musthaler is a principal analyst with Essential Solutions Corporation.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2009 Network World, Inc. All rights reserved. |
Comments (2)
USB Flash Drives InsufficientBy Maven on December 9, 2008, 10:58 pmIt is true that SanDisk and many others are now providing various ways to secure USB flash drives. That is at least a good starting point - but only as far as it...
Reply | Read entire comment
USB Flash drivesBy Mark on November 14, 2008, 1:34 pmIs this article just paid advertisement for SanDisk? These are me-too products that have little if any support. Their value is dubious and they are not cheap. I...
Reply | Read entire comment
View all comments