Security Nudges - USB Security
You may recall from my previous posts here and here that, as part of Thales Australia/New Zealand’s Internal Information Value campaign, I’ve been using ‘security nudges‘ to help influence our employees’ behaviours with regard to information security.
For the latest campaign activity I decided to focus on USB security. To ensure the security nudges would continue to be effective, I chose to rely on the theory of reciprocity to change it up. So, we supplied all employees with a USB data blocker to protect their personal devices, which linked to a backing card with a message relaying the behaviour I wished to address for the company.
Before providing the above data blockers, messaging was sent out to all employees that touched on three aspects of USB Security:
- The risk of plugging their personal devices into unsecured power charging kiosks, or other people’s computers.
- The risk of plugging unknown USB devices into company system’s without first validating that the USB’s didn’t contain malware (especially non-enterprise production support systems)
- To consider the Five Information Values before storing sensitive information on unprotected USB’s.
Nicely done Ben. Appropriate given the latest round of HW compromises cropping up. And also thanks for the data blockers - very useful!
Executive Director at Bastion Security Group | Board Member at Netsafe New Zealand
5 年Nice article Ben, I like the "nudge" concept! Q: where did you get the blockers from? I've been meaning to get some for our customers.
Marketing Professional
5 年A timely article on just this thing. Great initiative Ben!! https://www.zdnet.com/article/officials-warn-about-the-dangers-of-using-public-usb-charging-stations/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=facebook
ILS/RAM/Support Systems Engineering Manager and SME at Lockheed Martin Australia Pty Ltd and Proud ADF Vetran
5 年Great initiative Ben!