Avoid the Memory Card Menace
The risks in removable media
Everyone is familiar with the humble floppy disk. For many people, it is the main way to transfer data between computers. My wife still uses floppies to transport the plays she writes to different theatres. But in comparison to the latest technology, a floppy disk is so primitive it might as well be a stone tablet. People's perception of risk hasn't caught up with what is now possible.
For example, you can store 512MB in a secure digital card the size of a postage stamp. This is the equivalent of 364 floppy disks or an encyclopaedia or (more worryingly) a complete customer database plus a copy of all your company's correspondence. Pen drives, MP3 players, digital camera memory cards, removable hard disks, CD and DVD writers all allow staggering amounts of data to be transferred quickly and easily. And you might not even know it's happened. Even if the data is being transferred for legitimate reasons, the loss or theft of the portable device that carries it is still a risk.
A recent survey found that such removable media were used on 85% of business networks, with many employees using them to transfer work between home and office PCs. However, a vast majority of firms had no policies to prevent or manage the use of removable media. A few organisations, such as the RAF, have very strict policies and enforce them with all the rigour that military discipline can impose.
The sponsors of the survey, Reflex Magnetics, have developed software that can control users' ability to copy data to removable devices. However, there are things that a small business can do without spending a lot of money or getting the RAF to frisk your employees.
Removing the Risk of Removable Media
'The very first thing they need to do is a bit of risk analysis,' says Andy Campbell, MD of Reflex Magnetics. They should 'look at their business critically - what are we storing on the network, what access do we give, do we want that data easily transported out of the office?'