Of those currently working from home, 77% report feeling fully productive while doing so. In addition to increased employee productivity, organizations that permit remote work experience 25% less turnover than those requiring employees to work on-site.
Remote work is therefore not only convenient but may be a necessity for companies to retain current employees and attract new talent.
With more and more companies enabling their employees to work remotely, the need to secure shared files is more important than ever. However, offsite workers create new cybersecurity vulnerabilities for companies and their data, such as data breaches.
2021 was a record-breaking year around the world for data breaches, and ransomware was also on the rise. The US Treasury Department financial crimes investigation unit (FinCEN) reported suspicious transactions regarding ransomware amounting to $590 million in just the first half of 2021 alone. This figure is significantly higher than the total for 2020, which was $416 million.
The shift from in-office to remote work has made companies even more vulnerable to these threats.
The Security Threats of Removable Media
Viruses, malware, and other cyberthreats often infiltrate businesses via removable storage devices, such as USB flash drives. These easy-to-transport devices are common methods for saving and sharing data, but they can easily be lost or stolen.
Since removable storage devices are often plugged into multiple devices to copy or share data, they are prime carriers of malware from device to device. Just one infected device could infect and corrupt an entire enterprise’s system and files.
Since 2011, the US Cybersecurity and Infrastructure Security Agency (CISA) has warned that USB sticks and other portable devices appeal to attackers, yet many companies continue to use them today. CISA urges the use of security solutions to keep data on these devices safe.
In this article, we’ll explore what methods you can use to secure shared and stored data on portable storage media, and explain how WinZip® SafeMedia™ can help provide file security on removable devices.
Virtual vs. Physical File Sharing Methods
When businesses share data internally or externally, users can send information in one of two ways: over a network via file sharing systems or using physical storage devices. Let’s take a closer look at each.
Virtual File Sharing
Common types of virtual file sharing systems include cloud-sharing solutions, virtual data rooms (VDR), peer-to-peer networks (P2P), and file transfer protocols (FTP).
Peer-to-peer networks use software that enables computers to communicate with one another. In P2P sharing, a software program locates other computers connected to the network and identifies the one(s) that have the files a user needs.
These network computers are called peers because they are ordinary computers rather than servers. When the P2P file-sharing software locates the desired files, it initiates the download process.
File transfer protocol operates on two communication channels:
- The command channel, which is where FTP initiates the instruction and response.
- The data channel, which is where data distribution occurs.
The end user’s device is the local host and connects to a remote host, which is typically a server. The user logs on to the FTP server and requests to download a file. This initiates the transfer process.
Virtual data rooms are secure online platforms commonly used for an organization’s financial transactions such as mergers and acquisitions as well as fundraising. VDRs offer features such as access control, data encryption, and version control. These features make it so that documents and data can be shared safely without the risk of legal liabilities.
Cloud-sharing solutions store files to an online file-sharing service that uses cloud storage. Users upload files from the service’s control panel, and when a file is uploaded, the server generates a URL that can be used to enable others to access and/or download the content.
Physical File Sharing
While cloud-based file sharing may seem increasingly common, just 42% of enterprises used cloud-based storage in 2020. This indicates a consistent need for other methods of data sharing for both remote and in-office work.
One common method of file sharing is through removable storage devices, which are lightweight, portable data-saving devices that provide data storage when connected to a computer, network, or information system. Examples include:
- External hard drives.
- CDs, DVDs, and Blu-ray discs.
- USB sticks (also known as thumb drives, memory sticks, or flash drives).
- External solid-state disc (SSD) drives.
Any form of data storage not integrated into the computer itself is considered removable storage. Removable storage devices provide a form of data backup that is separate from the centralized computer system, enabling users to transport data back and forth from any number of locations.
Thanks to their small size and portability, removable storage devices are a popular tool for storing and sharing data. They also don’t require power to operate outside of the power derived from plugging them into the end device.
Removable storage devices are also methods of data storage that can be used with or without an internet connection to transfer between two physically present devices. They can safely store data on a physical device––rather than in the cloud––which provides both perceived and actual control over data.
Data storage using the 3-2-1 method benefits from removable storage devices. This strategy involves creating one primary backup and two copies of the data.
The backups should be saved to two different types of media, and at least one backup file should be stored offsite. This reduces the damage of a single point of failure, such as a stolen device or a system crash.
Top Risks of File Sharing Via Portable Storage Devices
Although portable storage devices offer easy-to-use solutions for data storage and file sharing, they propose real risks to data privacy. Some of the more notable risks include the following:
Data breaches. One of the most critical risks associated with removable storage media is the potential exposure of sensitive data. In many industries, this exposure could constitute violations of data and privacy compliance.
When data breaches occur in entities that must adhere to privacy-related compliance regulations, the ramifications can be severe: They can harm an institution’s reputation, lead to operation downtime, and are costly regarding data recovery and potential legal fees from privacy sharing violations.
To protect data stored on such devices, USB sticks and other removable media should be encrypted. This renders all data useless to unauthorized users in the event the device is lost or stolen. Unencrypted removable media can be infected with malicious software, and users can unknowingly spread malware and other data security risks such as viruses between devices.
Theft or loss. Should a removable storage device fall into the wrong hands, it could provide unauthorized entry into a business network. Private information about the business or its clients and customers could be leaked, internal systems could be compromised, and data could be lost.
Malware. Portable storage devices can also be infected with malware or viruses when they are connected to an infected computer or network. If an employee were to open a compromised file from a corrupted portable storage device, they may expose their device or network to malicious programs that could harm their files and other network files.
Violation of privacy laws. Insurance companies, law firms, hospitals, financial services, and numerous other industries typically store and share large volumes of sensitive data. As such, many must follow government and industry-specific data privacy regulations. These regulations can have strict policies regarding authorized data access and methods of file storage.
Protect Portable Data with WinZip SafeMedia
With so many threats to business systems and data, many organizations find themselves in need of enterprise-level services and products for data storage. These solutions must provide security controls, regulate file access, and offer compliance-friendly file protection, sharing, and storage.
To protect files stored and shared on removable storage devices (and keep data secure even when users are on the move), many companies use a solution like WinZip® SafeMedia™, a solution that secures and compresses data stored on removable devices.
WinZip SafeMedia uses bank and military-grade encryption that complies with all major data privacy regulations including the Federal Information Processing Standard (FIPS) 140-2 and FIPS 197. This enables businesses to reap the benefits of file sharing through portable storage devices and removes the risks associated with this form of file storage and transfer.
- Enforcement of rules and policies across networks and affected employees.
- Forced encryption and default password requirements.
- Password protection for all discs burned by users.
- Individual and group permissions.
- System logs, including all files secured to removable media.
Through encryption and password protection, WinZip SafeMedia ensures the right employees have safe access to data and are compliant with company-wide security protocols. Access controls are easily customizable to ensure updated and secure access to the right parties. Should an employee leave the company or change roles, their access can be revoked or updated instantly.
Thanks to its ease of use, enterprise-wide implementation of WinZip SafeMedia is a straightforward process. Users simply drag and drop files to burn copies of CDs and DVDs or copy data onto other forms of portable storage devices.
With WinZip SafeMedia, file sharing is not only safer, but also faster. This is because file compression capabilities do not impact file quality. Since compressed files transmit at one-tenth of the speed of a full-sized file, users spend less time waiting on file transfers and downloads.