What are you looking for ?
DataOn
datadobi

Majority of IT Departments Not Implementing Tools to Manage USB Device Usage – Apricorn

Only 47% require deployment of encryption for data stored on USB key.

Apricorn, Inc., manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB storage devices, announced the results of its latest report, The State of USB Data Protection 2019 Part 2: Employer Spotlight.

The report revealed that for the second year in a row, the majority of employers are failing to equip their employees with the appropriate technologies, procedures and policies to ensure data security across the organization. The survey report, which polled nearly 300 employees across industries including education, finance, government, healthcare, legal, retail, manufacturing, and power and energy, examined Y/Y trends of USB drive usage, policies and business drivers.

Apricorn Usb Key

The report indicated that even though 87% of organizations use USB drives, the majority of IT departments aren’t implementing tools to manage USB device usage.

For example:
• Nearly 6 out of 10 organizations (58%) do not use port control/whitelisting software to manage USB device usage
• More than a quarter of organizations (26%) do not use software-based encryption
• Less than half of organizations (47%) require the deployment of encryption for data stored on the USB drive
• Meanwhile, an overwhelming 91% of employees say encrypted USB drives should be mandatory

In addition to employers’ shortcomings in providing the necessary tools to manage USB device usage, the report also indicated that IT departments’ policies for secure USB device usage are severely lacking. By comparing the key results of this survey vs. Apricorn’s previous USB data protection report (see below), several concerning trends materialize, including:
• Less than half of organizations (47%) have a lost/stolen USB drive policy in place – compared to 50% in 2017
• The majority of respondents (53%) claimed their organization does not have appropriate technologies to prevent or detect the download of confidential data onto USB drives
• However, in Apricorn’s 2017 survey, the majority of respondents (54%) claimed their organization did have those appropriate technologies
• Nearly half of organizations (44%) do not have adequate governance and policies to manage the use of USB drives in the workplace, compared to 42% in 2017’s report
• Less than half of organizations (47%) require the deployment of encryption for data stored on the USB drive (an incremental improvement on the 42% from 2017)
• Finally, while more organizations in 2018 had a policy outlining acceptable use of USB devices than in 2017, more than a third (36%) still don’t have a policy in place

In contrast to these troubling results, the report did reveal one positive trend: there was a 24% drop in the number of organizations regularly using non-encrypted USB devices (58% in 2018, compared to 82% in 2017). It is vital that this percentage continues to drop, considering that the Ponemon Institute estimated that the average total cost of a data breach increased by 6% between 2017 and 2018, to $3.86 million per breach.

The report also suggested that the cloud isn’t the cure-all approach answer, either: more than half (57%) of organizations have low-to-moderate confidence in the cloud for migration and storage of their company’s most sensitive data.

Considering the increase in volume, sophistication and severity of security threats facing organizations today, it is critical that employers arm their employees with secure USB drives to prevent highly damaging data breaches,” said Mike McCandless, VP sales and marketing, Apricorn. “Even though 90% of employees use USB devices today, the fact that nearly 60% of employers fail to use port control or whitelisting software to manage USB device usage is alarming. Organizations should not only implement strict data security policies, but they also must reinforce that their employees use encrypted USB drives that require a unique PIN.

Apricorn surveyed nearly 300 employees from industries including education, finance, government, healthcare, legal, manufacturing and retail in the fourth quarter of 2018. This survey was completed online, and responses were random, voluntary and completely anonymous.

Read also:
Majority of Employees Use Non-Encrypted USB Drives – Apricorn
Even though 91% say encryption should be mandatory.
May 17, 2019 | Press Release

subscribe