The following factors should be taken into consideration for securing important assets: The average cost of a data breach from any source (not necessarily a flash drive) ranges from less than $100,000 to about $2.5 million.
[1] A SanDisk survey[3] characterized the data corporate end users most frequently copy: Examples of security breaches resulting from USB drives include: In the early days of computer viruses, malware, and spyware, the primary means of transmission and infection was the floppy disk.
The prevalence of malware infection by means of USB flash drive was documented in a 2011 Microsoft study[6] analyzing data from more than 600 million systems worldwide in the first half of 2011.
That finding was in line with other statistics, such as the monthly reporting of most commonly detected malware by antivirus company ESET, which lists abuse of autorun.inf as first among the top ten threats in 2011.
One common approach is to encrypt the data for storage and routinely scan USB flash drives for computer viruses, malware and spyware with an antivirus program, although other methods are possible.
Software solutions such as BitLocker, DiskCryptor and the popular VeraCrypt allow the contents of a USB drive to be encrypted automatically and transparently.
Hardware systems may offer additional features, such as the ability to automatically overwrite the contents of the drive if the wrong password is entered more than a certain number of times.
However, this form of hardware security can result in data loss if activated accidentally by legitimate users and strong encryption algorithms essentially make such functionality redundant.
In commercial environments, where most secure USB drives are used,[1] a central/remote management system may provide organizations with an additional level of IT asset control, significantly reducing the risks of a harmful data breach.