Scenario: You’re headed out of the office for a series of meetings and you want to bring some electronic documents with you –open files you’re working on, a draft of a presentation, etc. – but you don’t want to carry around your full laptop.
Typical Solution: Grab one of the thumb drives from the pile you probably have in your desk drawer, copy over the folders full and files you think you might need, and hit the road.
Problem: This is a case where convenience often trumps good sense. Throwing files onto a thumb drive and tossing it into your bag is fast and easy, but thumb drives are also easy to lose. Maybe it falls out of your pocket in a cab, maybe you plug it into a client’s computer and forget to take it with you when you leave. Either way, losing that thumb drive is equivalent to losing a file cabinet: there’s tremendous risk of exposing sensitive data.
Solution: You don’t need to entirely abandon convenience to get security. You can still use a thumb drive, you just want to make sure the contents of that drive are properly secured. There are a variety of specialty thumb drives on the market like the IronKey that come pre-loaded with sophisticated encryption software. If you want a cheaper route, the popular free encryption tool TrueCrypt can be used to turn just about any thumb drive into a highly secure encrypted drive.
A few cautionary notes:
- Encrypted or not, you still need to be careful about where you use the thumb drive. It’s generally smart to avoid public terminals (e.g. hotel common area computers) as they may harbor keyloggers or other malware that can expose your data.
- Don’t leave open/decrypted files unattended. If you plug in your thumb drive, decrypt the contents, and then proceed to wander away from your computer for a few hours, there’s no telling who will be able to access your data.
- Any time you copy data offsite, you’ll want to have a plan for re-integrating that data when you return. If not, you run the risk of creating a versioning nightmare where you can’t tell which version of a file is the “active” version.