Monday, March 26, 2018

How-To Prevent Data Breaches: Restrict the Use of Unencrypted Removable and Mobile Devices

A common cyber attack vector is the use of removable and mobile devices to move data into and outside an organization. Unless controlled, this poses a great threat. For example, an adversary may be able to use a USB device that is laced with malware to infect an endpoint and subsequently an entire organization. A “trusted” or disgruntled employee may be able to pilfer sensitive data from an organization using a removable storage or mobile device. Also, an innocent employee who misplaces corporate personally identifiable information (PII) data stored in a removable or storage media puts the organization at grave risk.

To enforce removable media usage: user awareness training is absolute; controlling/banning remove media that are not encrypted is another means of prevention; and testing security controls meant to enforce USB or removable media usage is necessary.

Protect your enterprise with an endpoint threat detection and prevention platforms such as @threatresponder or for more information see: #howtopreventdatabreaches