The use of USB sticks for transferring files and data is becoming of increasing concern as a potential source for a data breach.
The news this week that the encryption code was cracked on a number of NIST certified USB flash drives, provides the latest ammunition on why transferring files on a flash drive is not a good idea. As reported in the ZDnet article - the weakness in the encryption scheme was unbelievably “bone-headed”, their words, and involved an authentication scheme with a huge flaw that was common across a number of manufacturers.
The practice of carrying around sensitive information on a USB stick should already have been raising security concerns within an organization. It now seems with this latest news that even using encryption on a USB flash drive may not provide the necessary protection for sensitive, confidential information.
From our perspective, file transfer of sensitive information via a USB stick is never a good idea.
No related posts.