The USB flash drive is the splinter in the hands of many corporations. A USB drive is used by end users to bridge a gap in the mobility of data. Bridging that gap without impeding productivity is possible with the correct alignment of corporate strategy and technology.
Regulatory compliance such as HIPAA is helping to raise awareness about the management of information. Organization regardless of the industry have to take the first step of enacting a business policy that enforces this behavior. There is always an exception to the norm and in a corporate environment a business case can demonstrate its use. HRDC is an example where they enacted this type of policy due to data loss . The except below from the article Federal government loses hard drive with information on more than half a million people is an example:
Employees at HRSDC are no longer permitted to use portable hard drives and unapproved USB keys are not to be connected to the network. The department will also conduct an immediate risk assessment of all portable security devices to ensure “appropriate safeguards” are in place.
As most BYOD and corporate devices are network connected there are alternative strategies that address this. Corporate policy cannot be addressed with tactical technology solutions. When each works independently an impact to productivity occurs. Data sharing as well as user and application management are part of an integrated secure solution. It is time for the USB drive to go.