Portable devices such as jump drives, personal audio players, and tablets give users convenient access to business as well as personal data on the go. As the use of such devices increase, so do the associated risks. But what exactly are the associated risks?
Here are some of the risks of using portable devices:
- Increase the risk of data loss, which happens when device is lost.
- Increase data exposure, which happens when sensitive data is exposed to the public or a third party without consent.
- Increased exposure to network-based attacks to and from any system the device is connected to, both directly and via networks over the Internet.
TechAdvisory.org reports that 25% of malware, also known as malicious software, is spread today through USB devices. These devices plug into the USB port of your PC and may contain malware that you copy unknowingly or that gets launched automatically by the Autorun or Autoplay feature of your computer or laptop. Once the malware infects your computer to steal or corrupt all your data, it might spread to other computers in your home or within your organizational network. Portable devices can also give malicious insiders the opportunity to steal data easily and inconspicuously since these devices are easy to hide and their use is hard to track.
Bluetooth and Wi-Fi can also pose the most risk to your devices. When Bluetooth is on, the device becomes discoverable to your headset but it also becomes discoverable to malicious attackers seeking to exploit the connection. Attackers can also target home and public Wi-Fi networks.
Another potential risk when it comes to storage devices and smart devices comes from their small size and portability. You can accidentally leave them at a café and never see them nor the data stored on them ever again. If your device happens to contain sensitive or proprietary organizational data, your company’s reputation and well-being — and yours — could be in serious jeopardy.
So what can you do to minimize the risks?
- The most obvious thing you can do is to install an antivirus software that will scan any device that connects to your computer via a peripheral port, such as USB.
- Never connect a found jump drive or media device to your computer. Give any unknown storage device to the security or IT personnel where you found it.
- Keep your personal and business data separate.
- Secure all sensitive information stored on jump drives, CDs, and DVDs using strong encryption.
- Set up a firewall and install antivirus as well as antispyware software on your computer.
- Ensure all software on your PC stays up to date with current patches. To make things easier, enable automatic updates so you don’t have to bother checking for updates.
- When transferring sensitive data from a USB drive, be sure to delete it using a secure delete utility once you’re done.
- Consider using jump drives that have an onboard anti-virus capability which automatically scans both the drive and any computer you plug them into.
Here are some good practices to keep your smart devices secure:
- Protect the device using a strong password or PIN and change it regularly.
- Before downloading applications, find out what access they want to have on your device. Most applications provide that information. Be wary of downloading applications that don’t.
- Download applications, games, and music from trusted sources only.
- Run anti-malware software on the device and take the appropriate action when it identifies something suspicious.
- Set up a local firewall on the device to filter inbound and outbound traffic and block malicious software.
- Configure your device settings in such a way that it will automatically lock itself when you’re not using it.
- Do not jailbreak the device. Jailbreaking the device removes the limitations imposed on a device by its manufacturer, often through the installation of custom operating-system components or other third-party software. This makes the device more vulnerable because it removes safeguards against malware.
- Activate the GPS functionality so you can track the location of the device if you happen to misplace or lose it.
- Disable Bluetooth, Wi-Fi, and other services when you’re not using them.
- When using Wi-Fi, be sure to encrypt your home network, use a VPN connection, or otherwise ensure that traffic is encrypted when you’re in a semi-trusted environment
- When using Bluetooth, set it to non-discoverable mode to make the device invisible to unauthenticated devices.
- Secure all the data stored on tablets using AES 128/256-bit encryption.
- Enable a remote-wiping feature to erase all data on the device if you misplace it or if someone enters too many incorrect passwords.