10.17.17 Cyber Security

Kingston Encrypted USB Drives: Hardware Data Protection for Today’s Mobile Workforce

By: Jon McDonald

The Crunch: Modern technology allows more workers to do their jobs on the go, but the devices they use to store and transfer data can expose businesses to significant breaches. Kingston Technology is well aware of the dangers posed by even the smallest hardware, and its line of encrypted USB devices protects both companies and their mobile workforces. As retailers continually heighten focus on cyber security, they need to stay informed on how to protect all points of data access. With its line of high-quality products, Kingston has emerged as a leader in promoting best practices to help companies secure their confidential data.

While technology has made it easier to work remotely, it has also opened up businesses to new security risks. Modern employees spend more time than ever before outside the office and rely on mobile tech to stay on the job while at home or traveling.

Photo of Kingston Encrypted Marketing Manager Ruben Lugo

Kingston Encrypted Marketing Manager Ruben Lugo told us that many companies overlook USB drives when establishing their security protocols.

For companies with on-the-go workers, USB devices are popular for data storage and transfers, but they can also provide a point of entry for cyber criminals if left unsecured. Data needs to be flexible and mobile in today’s retail world, but that doesn’t mean it can’t also be secure. Kingston Technology can protect sensitive information with its line of encrypted USB drives.

After a string of major retailers made headlines when data hacks compromised their customer credit card numbers and other information, businesses rushed to protect email servers and Internet-connected point-of-sale devices. Unfortunately, USB drives used to transfer and store data have too often fallen through the cracks as companies ramp up those protections.

“Everyone is so caught up in cyber security, but the USB drive is one of the last thoughts,” said Kingston Encrypted Marketing Manager Ruben Lugo. “You can spend $10 million on security, but you can be compromised by a $10 USB drive because you didn’t have the right technology in place.”

Kingston, founded in 1987, offers a variety of drives that encrypt data and feature tamper-proof protections. As a hardware-based solution, Kingston’s line of USB devices provides the protection businesses need to thwart keyloggers, hackers, and other cyber criminals.

Helping Eliminate the Security Risks of USB Drives

With its portability and convenience, the USB drive has allowed companies and their employees to have almost unlimited access to data while working out of the office.

But the same small size that makes those drives convenient also makes them security risks — primarily because they are so easy to lose. For instance, more than 22,000 USB drives are found in clothing by dry cleaners each year. And nearly half the people who find a drive plug it in and click on at least one file, which means a USB drive can be easily compromised.

Ruben said the human element is often the deciding factor in whether a USB drive is used to spread malware through a company’s computer system or to steal financial information about the company or its customers.

Graphic of USB device left at dry cleaners

USB drives are easy to misplace, and more than 22,000 of the devices are found in clothes at dry cleaners each year.

“And that is the one variable that most networks and companies have a problem with monitoring,” he said.

Sometimes the risk is inadvertent, like when an employee clicks on the wrong ad or brings a USB drive home not realizing a virus on their home computer will infect the work system when they return. Other times, there is malicious intent, as in the case of a disgruntled FDIC employee who stole bank account information from 30,000 people.

In either case, Ruben said that without encryption, strong passwords, and other protections in place, USB drives leave companies vulnerable to potentially significant data breaches.

The Advantages of an Easy-to-Deploy Hardware-Based Solution

Kingston offers a range of solutions to USB-drive security threats, and companies can select their preferred product based on need and budget.

“It’s all about application needs,” Ruben said. “I hate to say good, better, best because we believe all of our products are the best.”

The DataTraveler 2000 model is an encrypted drive with a numerical push-pin code password that is easy-to-use for even the non-tech savvy. The top-of-the-line IronKey S1000, which meets the highest security standards, is resistant to physical tampering, and has an array of management options so IT staff can track how many drives are in circulation and who has them.

Ruben added that all Kingston products have the advantage of being hardware- not software-based solutions.

Screenshot of Kingston encrypted USB products

Kingston offers a range of encrypted USB drives, including devices that can be managed remotely.

“Everything runs right off the drive, not on your host computer,” Ruben said. “And we have digitally signed firmware so that way it cannot be overridden to then be manipulated into giving you secrets. The drives are also physically secure, meaning you are protected from someone trying to open the case and get to the actual memory chips themselves.”

With hardware-based encryption, a user’s password unlocks the encryption key that was created by a random number generator, while, with software-encryption, the password is the encryption key that scrambles data, meaning fewer layers of protection.

Software solutions are also vulnerable to keyloggers and other hacking tools targeting the computer, while the encrypted drive has the advantage of being a self-contained device. Ruben said that means it is both easy to use and provides better security.

“It does everything for you,” Ruben said. “You don’t need to learn anything about coding. We take all that work out of it so you can manage threats and reduce risks with a very easy-to-deploy device.”

How Continued Training on Best Practices Diminishes Security Gaps

Preparation and prevention are always better than dealing with the aftermath of a data breach or malware infection. That requires not only the right equipment but the right policies, standards, and training so employees know which data is considered confidential, who is allowed to handle it, and how data should be handled.

Company standards to protect data need to go beyond complying with regulations. In an era where companies use remote working opportunities to attract and retain talent, it is essential to have comprehensive training on standards — and a vigilant follow-up to make sure they are being observed.

“At first, a company needs to realize who is taking information outside the firewall,” Ruben said. “You need to understand who has access to the data. From there, train them on practicing what you’re preaching.”

While 80% of companies have policies in place for handling USB drives, typically they only reference which departments or employees are permitted to have them. Fewer than 20% of those companies have policies related to encrypted drives, and one-third of them reported a threat or breach in the last year.

Ruben said the threats and breaches usually occur because a company is not updating systems or updating its hardware standards, providing hackers with an opening.

Kingston Products Protect a Company’s Data and Brand

As the headlines and news coverage illustrate, data breaches are a severe risk to retailers — especially when so many records are kept digitally. And while companies rush to shore up their cyber security and firewalls, the convenient, portable USB drives that employees use to store and transfer data are too often a risk that fails to get addressed.

Kingston encrypted USB solutions secure the data on those drives with complex password protection, encryption, and physical safeguards. Some products even offer remote management and drive tracking, providing retailers with even more control.

“Our drives are simple and ready to protect businesses immediately,” Ruben said. “These are big issues and, unfortunately, it often takes an incident for a business to realize it should have done something.”