Organizations that have a digital presence have come to terms with the fact that eventually they will experience a security breach. The issue is not if it will happen, but how they will react to the breach to minimize the damage. As the threat landscape continues to grow in sophistication and severity, it is essential to take proactive measures that take into consideration the events that will take place before, during and after an attack. A new survey by SANS Institute (News - Alert) titled, “Securing Portable Data and Applications on Enterprise Mobile Workspaces” has revealed a large number of corporate and employee computing devices still remain unsecured.
The SANS Institute is a cooperative research and education organization that provides cyber security training and certification to professionals at governments and commercial institutions globally. Its latest survey has found laptops and desktops are still the preferred method of mobile workers carrying out their jobs at 84 percent, however they are not being used with managed security, which presents a very serious threat.
The institute went on to say many organizations don’t have a clear understanding, or they underestimate the security risks unmanaged laptops and desktops used by mobile workers represent when accessing enterprise resources. It recommends USB devices and Windows To Go for providing an environment that is more secure, and therefore addresses the challenge of protecting mobile workers.
“Even with many employees doing their work on unsecured or unmanaged laptops or desktops, many companies limit the use of USB devices, which could help provide data protection. But fewer than half of those have technical controls to help enforce the policies. And, most don't encrypt the USBs, which opens a sizable potential data breach vector,” said SANS Analyst Jacob Williams.
Generally security breaches take place because protocols are not being followed and there is not an established governance with strict rules that have to be followed. This is highlighted in the survey, as only seven percent of organizations with 500–10,000 employees and just 13 percent with more than 10,000 employees encrypt their USB devices. And with these devices being as one of the primary gateways for introducing malicious software, more has to be done to ensure they are properly protected and used by members of the organization.
The Windows To Go solution is viable option which lets companies have their own fully manageable corporate image installed on a bootable certified USB drive. This not only helps businesses address mobility, but it doesn’t require connectivity to the company network, therefore eliminating a breach from taking place by remotely accessing the organization.
Will having an encrypted USB drive and using Windows To Go ensure total protection, absolutely not. But as security experts will tell you, each barrier you put between you and the resources you want to protect is an added layer that will take hackers longer to break into your organization.