"Employees are aware of USB drive security risks, but don’t follow best practices"
In a study that was conducted, employees were found to be aware of the risks associated with inadequate USB drive security. It was found that while 91 percent of respondents claimed that encrypted USB drives should be mandatory, 58 percent of respondents confirmed that they regularly use non-encrypted USB drives. Although 64 percent of organizations have a policy outlining acceptable use of USB devices, 64 percent of respondents said their employees use USB drives without obtaining advance permission to do so. It was also discovered that nearly half of the respondents lost a USB drive without notifying appropriate authorities about the incident. It is important that employers implement strict security policies to defend against the shortcuts employees will take. Beyond policies and procedures, organizations should reinforce that their employees use encrypted USB drives that require a unique PIN to make information on USB drives more secure.