Accessible and portable, USB devices are often used for transporting data and information. However, despite their convenience, these devices can pose some security risks. Some corporations, in fear of financial scams, public relations damages, damage to intellectual property, and leaking of sensitive information, began to restrict the use of personal storage devices in their facilities. 

For the manager of the RNP Security Emergency Response Center (CAIS) Edilson Lima, the main risk is the loss or leaking of sensitive and restricted information. “All company information has value, and some require restricted access. When the collaborator transfers company data to a personal device, the access control over that data is compromised,” he explains. 

Despite the tendency of some companies to forbid the use of removable media in the work environment, that does not seem to be entirely effective. It is necessary to understand that, in most cases, when an employee transfers information to a personal device, they do so with the intention of working from a remote location or at a different time. For Edilson, the best way to optimize the use of such equipment involves three stages: defining the use of these devices through policies; implementing technical solutions for access control; and a user awareness program on the risks caused by media misuse. “It is necessary to work on these aspects. Otherwise it won’t be effective,” he concludes. 

In addition to instructing on the proper use of storage devices, another option for data portability is the use of cloud sharing. That type of storage minimizes some risks and enables greater traceability of files which, despite not solving the problem, can bring more protection to the process.