Dsa 102 Lesson 3

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 12

SECURITY AWARENESS

DSA 102
LESSON 3
REMOVABLE MEDIA
Prepared by:
Prof. Rey-an V. Baricanosa, MSIT
Lesson Objectives

1. To understand the use of removable media.

2. To understand the risks and to know how to use the removable media
devices safely and responsibly in an organization.

3. To understand the risk involved in using removable media


What Is Removable Media?
Removable media can be thought of as a portable storage
medium that allows users to copy data to it and then take it off site, and
vice versa. It presents itself as a convenient, cost effective storage
solution that is available in many different size capacities and form
factors, with differing transfer speed capabilities. Removable media can
take many forms,

• USB Drives (Pen Drives, Portable Hard Drives)

• Smartphones, music players and similarly equipped handheld devices

• SD Cards
• Optical Media (CDs, DVDs, BluRay)

• Legacy Media: (T)


As you can see, removable media encompasses a large group of
storage technologies, which is why some people have difficulty
understanding what is meant by the term. Adding to some of this
confusion is the function that removable media serves. There are a
few different applications for removable media, including:

• Backup storage for files on PCs, laptops and servers


• Additional storage space for PCs and laptops

• A bootable Live Operating System

• A bootable installation media such as Windows and Linux There are


many reasons why removable media might be required in your
business environment, and there are valid reasons why you might
allow such devices on your network. However, as with most
technologies, there are risks involved. The following information will
seek to detail the potential risks, as well as some techniques that will
help you to minimize your company’s risk of exposure to the dangers
that are associated with removable media. This information needs to be
passed onto your users via the following methods, with which we go into
more detail towards the end of the article. They are:

• Initial user training and IT policy explanations

• Periodic refreshers

• A concerted ongoing awareness campaign from the IT department

• Newsletters and company-wide email reminders


What Are The Risks Involved With Using Removable Media?
There are many advantages to using removable media, chief
among which is the quick and convenient means by which users can
copy, transfer and backup data. This same ease of use and convenience is
part of the problem with removable media, however, as malware and
viruses are able to easily replicate and distribute themselves to
unprotected removable storage devices that are not write-protected.
Here are some other risks that removable media can expose your
company to, if not managed properly:
• Data Security
• Malware Infections
• Copyright Infringement
• Hardware Failures
Data Security

Any time that an employee copies sensitive data to removable


media such as a thumb drive or CD, there is a risk of that data being
accessed by unauthorized personnel. One such case occurred in 2012
when a detective in Manchester, England had his house burgled. His USB
stick containing the details of over 1000 individuals relating to
investigations was stolen during this incident. Greater Manchester Police
was then fined over £120,000 ($155,000 at today’s exchange rate)
following an investigation of the incident. So we can see that there are
real financial implications for such
occurrences because of the seriousness of data security breaches.

It is important to remember that once a device is no longer in


your possession, you have no control over the data or who has access to
it. Confidential information can then be transmitted to other parties, or
posted online for all to see. There are some devices and software
applications that encrypt data on your device or media, giving you an
added layer of protection in the event of your device getting lost or
stolen.
Malware Infections

Malicious software, or malware, is a major problem for modern


businesses. Malware is able to spread via removable media, and it is risky
to use such media if the source cannot be identified .One such example is
a recent study that has shown that as many as half of the USB sticks that
are picked up in parking lots of business properties are then plugged into
the user’s computer once they get inside their offices. This means that
any malicious software that is on the USB drive can then infect the
company network. Rewriteable CDs, DVDs, and BluRays are all capable of
delivering a malicious payload if autorun is enabled on a desktop PC,
server, so having an up to date antivirus application is essential for
businesses to ensure the continued safety of their network.

Media Failure
Removable Media is inherently risky as a primary storage
solution, and for many reasons. Due to the low cost and high production
quantities of the different media types and devices, some may have
shorter life spans than others. It is therefore really important for users to
understand the importance of storing sensitive, important and
confidential information safely and securely on the organization’s file
server or NAS device. This is so that in the event of media failure, loss,
theft or damage, then the data that is lost on the media is at least backed up
to another source.

You might also like