KnowBe4 Security Awareness Training Blog

Employees Don’t Take USB Security Seriously, Putting Organizations at Risk

Written by Stu Sjouwerman | May 23, 2019 6:29:40 PM

USB devices continue to be a necessity for employees, an entry point for attackers, and an insecure medium to connect the two, spelling trouble for organizations.

Cybercriminals are looking for any way to access your organization’s endpoint that will allow them to infect a machine with malware, trojans, or ransomware. According to secure-hardware vendor Apricorn’s The State of USB Data Protection 2019 report, USB devices remain a viable target for cybercriminals. According to the report:

  • Employees are driving USB adoption – according to the report, 87% of orgs use USB devices and 68% of those stated employee choice was the reason.
  • Employees are working around IT – While nearly two-thirds of organizations have acceptable use policies around USB devices, 64% say employees use USB devices without prior permission.
  • Employees aren’t concerned about data protection – Almost half (48%) of employees have lost a USB device and not reported it to IT, and 58% use non-encrypted USB devices obtained from conferences and other sources.

With so much focus on cyber threats coming in via email and the web, organizations often overlook USB devices as a means for an attacker to inject malware into an organization.

Users need to be educated on the dangers of USB device use and the impact an attack can have on the organization. Security Awareness Training includes education on the need for a security-centric mindset at work, as well as on proper USB etiquette.

Free USB Security Test

Find out how your users will react to unknown USBs they find!

On average 45% of your users will plug in USBs. Find out now what your user’s reactions are to unknown USBs, with KnowBe4's new Free USB Security Test. Download our special, "beaconized" file onto any USB drive. Then label the drive with something enticing and drop the drive at an on-site high traffic area. If an employee picks it up, plugs it in their workstation and opens the file, it will "call home" and report the "fail" to your KnowBe4 console. And for Office documents, if the user also enables macros (!), additional data is tracked and geomapped.

How your free 7-day USB Security Test works:

  • Fill out the form on the right, and immediately...
  • Download "beaconized" Word, Excel or PDF files
  • Copy to any USB Drive, label and drop it
  • Reports on opens and if macros were enabled
  • Takes just a few minutes to setup

This is fun. Get your USB Security Test now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser: