Sunday, 5th July 2020

USBs come under scrutiny

Report warns hundreds of terabytes of potentially sensitive corporate data is now stored on USBs located in employee homes and apartments.

Digital Guardian has released a new research report, The DG Data Trends Report, which assesses the risk of sensitive data loss during the COVID-19 crisis. The research is based on aggregated and anonymised data from nearly 200 customers of Digital Guardian’s Managed Security Program around the globe. It represents a wide range of organisation sizes and industries, including financial services, manufacturing, healthcare, and business services. As they continue to work from home, employees from these companies regularly interact with regulated and structured data as well as unstructured intellectual property and trade secrets.


The data set analysed was from January 1 – April 15, 2020 and comparative data was evaluated from January 1 – February 29, 2020 (before the global onset on COVID-19) vs. March 1 – April 15, 2020 (after the COVID-19 pandemic came to the forefront). This enabled Digital Guardian to compare data egress patterns before and after the work from home transition took place and gauge its impact on the risk of sensitive data loss, now and in the future.


Key Findings:


  • There was a 123% increase in the volume of data downloaded to USB devices by employees after the pandemic declaration and working from home became widespread. 74% of that data had been classified by organisation data governance policies.

  • Cloud storage and USB devices became the most preferred egress paths after the COVID-19 emergency declaration, accounting for 89% of all data egressed.

  • Data egress via all paths (email, cloud, USB, etc.) was 80% higher in the first month following WHO’s COVID-19 pandemic declaration. More than 50% of the data egressed was classified.

  • From March 11 - April 15, employees uploaded 336 TB of data to the cloud, a 72% increase from January and February combined.

  • After the WHO’s declaration, Digital Guardian’s Managed Detection & Response analysts also saw a 62% increase in malicious activity from external attackers, a number that corresponded to a 54% increase in incident response investigations required.


IT and security professionals should pay particular attention to the significant uptick in USB device usage as they inherently increase the risk of sensitive data loss due to their portability and likelihood of being misplaced, lost or stolen.

“Organisations have accepted that the economic and health effects of COVID-19 will be with them for the foreseeable future and working from home will remain a requirement for many of their employees,” said Tim Bandos, VP, Cybersecurity, Digital Guardian. “Our research indicates remote employees are egressing classified data at unprecedented rates across all egress paths. Executives and security teams would be wise to consider implementing solutions that provide visibility into this behaviour, and a means to control it, in order to avoid a potential data breach.”

Netwrix survey reveals that 33% of financial organisations discovered sensitive data in insecure sto...
Okta, CrowdStrike, Netskope, and Proofpoint to deliver integrated product solutions, advanced insig...
Despite increase in cases during lockdown, one-in-five admit they couldn’t access a working backup o...
Today, just over two years after its entry into application, the European Commission published an ev...
Ivanti has published new findings from a survey studying the impact of the move to “work from home”...
Exabeam’s ‘2020 State of the SOC Report’ also reveals 40% of companies struggle with staff shortages...
New report details five ways hackers are exploiting organisations outside the firewall.
Advancements reduce enterprise compliance risks while streamlining regulatory audits and investigati...