Its Mobile Enterprise Security Study 2004, which looked at the workplace use of portable gadgets with a USB (Universal Serial Bus) connection – one of the main standards for connecting devices to computers – found that 85% of employers had no security policy in place that controlled the use of these devices.
The use of USB-connected devices such as memory keys, flash drives, music players such as the Apple iPod and smart mobile phones, is rising in the workplace. BeCrypt's survey of 180 employees found 63% admitting to connecting unchecked devices to corporate networks, with more than one third revealing that the devices were obtained from third parties as gifts, with no clearly identifiable source.
More than half of those surveyed had connected devices to computers at work in order to take data off site, introducing the risk of accidental or malicious use of external media to 'leak' private or classified data, said BeCrypt.
Nearly a quarter of respondents admitted having lost portable storage devices and more than half claimed ignorance over the impact that the misuse of portable storage devices could have on overall data security.
"Sloppy security practices and policy is making the rise of USB devices a real menace for British employers," said Peter Jaco, CEO of BeCrypt. "The problem is that USB device users are free to connect any device they wish and could remove key corporate data. Security policies need to lockdown USB device use, but also regulate and permit usage where devices are truly useful."
BeCrypt recommends that organisations extend their security strategy to cover the control of portable storage devices. This should include, says the firm: