According to a media report, East and North Hertfordshire NHS Trust had violated the Data Protection Act after a doctor lost an unencrypted USB drive containing patient data on a train. Although the doctor informed the Trust soon after discovering the loss, the drive could not be recovered.
With the news of lost USB drives becoming common, it is important to not only to secure your USB drives, but also get them centrally managed. This ensures that your organization never again loses any data on the USB.
Switching to Secure Managed USB Drives: Points to Consider
Here are some factors to consider while switching to centrally managed USB drives:
- Ease of deployment and speed: Consider the speed and ease of distribution of secure drives to users. Also, delegation and provisioning of rights to the administrator should be cost-effective and done with little effort.
- Device management control: Consider the level of control over the end users of the USB drives. The drives should be able to offer effective malware protection and allow only authorized software to run off them. Besides, you must also be able to verify the receipt of distributed software and content to the end user.
- Privacy requirements: Ensure compliance with legislation and organizational policies when moving into centrally managed USBs. The feasibility of auditing the drive content, especially in terms of local laws and legislations, should also be considered.
- Determine administration methods: Decide the techniques of administering every task, be it about helping users with forgotten password, recovering lost data to a new drive or tracking and retrieving data from lost drives.
- System accessibility: The system should be able to deny access to administrators and users who are no longer employees. This should be achievable by disabling them in the corporate directory, rather than removing users from several systems.