Data Security

Data Security: USB Drives & Security Risks

USB drives (also known as thumb or flash drives) are commonly used to store and transfer files. While convenient, they present significant security risks due to their portability and ease of misuse. Lost, stolen, or compromised USB drives can expose sensitive University information and introduce malware into University systems.

Reporting Lost or Stolen Devices

If a USB drive or any other device is lost or stolen, report the incident immediately to both of the following:

Note:

• All lost or stolen devices must be reported.
• Devices containing confidential University information must be reported to the Information Security Office.

USB Security Risks

USB drives pose several potential threats, including:

  • Data loss or exposure if a device is misplaced or stolen
  • Malware infections when a compromised USB drive is connected to a computer
  • Pre-infected devices, as some USB drives may be compromised during manufacturing
  • Unauthorized data access if an attacker gains physical access to a computer

Best Practices for Safe USB Use

To protect University data and systems, employees should follow these guidelines: 

  • Do not connect unknown or untrusted USB drives to any computer.
  • Use encryption and strong passwords on USB drives that store sensitive data.
  • Keep backups of important files in case a device is lost or damaged.
  • Do not use personal USB drives on public or University computers.
  • Do not connect USB drives containing University data to personal computers.
  • Keep security software up to date, including antivirus and system updates.

Following these practices helps reduce the risk of data breaches and protects University information.