Malware Spread using Removable Media

Removable medias such as USB Drives are convenient way to carry data for sharing and often find suitable than network drives which needs access tools and internet for it's usage.

These media drives are handy but also pose threat to enterprise information security as they are prone to spread various malwares which are easy to transmit as these devices used across various laptops/desktops which may be infected with any threat posing malwares.

Solution to handle the threat as ISO 27001 defines the way to control these removable devices - Under A.8.3.1 Management of Removable Media in Annex A.

Organizations must be able to demonstrate that the risks posed by removable media to the organization are controlled. ISO 27001 describes this as implementing procedures in line with the classification scheme adopted by the organization.

Approach to handle Threats and comply to ISO 27001:

1. Define ISMS policy for Handling Removable Devices which can be part of handling magnetic media such as Tapes, Hard drives ( Data Destruction policy).
2. Build User awareness as part of mailers, induction training for Info Security on handling such sensitive devices with care and report to IT administrator to ensure proper handling and sanitization checks for malware before usage.
3. Implement Technical solution as part of End Point security solution implementation to disable the USB ports as part of 'Deny' Policy for usage and selective 'need to use' basis opening of port from central admin portal of Ant Malware End point protection solution. (Specifically for enterprise having more than 10 to 25 laptops/desktops need to consider such solution).
4. Encrypt Enterprise Data: Implement Encryption of data on such devices before it's usage using encryption tools such as winzip which has AES 265 and higher encryption with password protection.
5. Secured File Sharing Services: Google, Microsoft365 and many more vendors offer secured file sharing services which is secured using AD/LDAP authentication and encrypted transfer and access over the public internet. This avoids requirement for removable devices to large extent avoid threats.Please share your contact details for further engagement on threat prevention, data protection and information security in your enterprise.