USBs come under scrutiny

Report warns hundreds of terabytes of potentially sensitive corporate data is now stored on USBs located in employee homes and apartments.

  • 4 years ago Posted in

Digital Guardian has released a new research report, The DG Data Trends Report, which assesses the risk of sensitive data loss during the COVID-19 crisis. The research is based on aggregated and anonymised data from nearly 200 customers of Digital Guardian’s Managed Security Program around the globe. It represents a wide range of organisation sizes and industries, including financial services, manufacturing, healthcare, and business services. As they continue to work from home, employees from these companies regularly interact with regulated and structured data as well as unstructured intellectual property and trade secrets.


The data set analysed was from January 1 – April 15, 2020 and comparative data was evaluated from January 1 – February 29, 2020 (before the global onset on COVID-19) vs. March 1 – April 15, 2020 (after the COVID-19 pandemic came to the forefront). This enabled Digital Guardian to compare data egress patterns before and after the work from home transition took place and gauge its impact on the risk of sensitive data loss, now and in the future.  


Key Findings:


  • There was a 123% increase in the volume of data downloaded to USB devices by employees after the pandemic declaration and working from home became widespread. 74% of that data had been classified by organisation data governance policies. 

  • Cloud storage and USB devices became the most preferred egress paths after the COVID-19 emergency declaration, accounting for 89% of all data egressed. 

  • Data egress via all paths (email, cloud, USB, etc.) was 80% higher in the first month following WHO’s COVID-19 pandemic declaration. More than 50% of the data egressed was classified.

  • From March 11 - April 15, employees uploaded 336 TB of data to the cloud, a 72% increase from January and February combined. 

  • After the WHO’s declaration, Digital Guardian’s Managed Detection & Response analysts also saw a 62% increase in malicious activity from external attackers, a number that corresponded to a 54% increase in incident response investigations required. 


IT and security professionals should pay particular attention to the significant uptick in USB device usage as they inherently increase the risk of sensitive data loss due to their portability and likelihood of being misplaced, lost or stolen.

 

“Organisations have accepted that the economic and health effects of COVID-19 will be with them for the foreseeable future and working from home will remain a requirement for many of their employees,” said Tim Bandos, VP, Cybersecurity, Digital Guardian. “Our research indicates remote employees are egressing classified data at unprecedented rates across all egress paths. Executives and security teams would be wise to consider implementing solutions that provide visibility into this behaviour, and a means to control it, in order to avoid a potential data breach.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...