Major Recent Example of an Unencrypted USB breach

Visual image of the Queen in Heathrow airport

Case in point, Heathrow Airport in London (October 30, 2017) uses Unencrypted USB Drives for its non-cloud storage. Unfortunately, they were not standardized on Encrypted USB drives. Their lack of implementing proper standards in data security / data loss protection with encrypted USB storage has now cost the EU a major breach of confidential and restricted information.

London – An Unencrypted USB just gave away "confidential" / "restricted" files:

  • The drive had 76 folders / 174 documents
  • Details of measures used to protect the Queen
  • Files disclosed the types of ID needed to access restricted areas
  • A timetable of security patrols
  • Maps pinpointing CCTV cameras
  • One document highlighted recent terror attacks and talked about the type of threat the airport could face

USB losses like this happens more frequently than expected or thought and are prime examples why implementing an encrypted USB standard / policy should be a top priority; within your personal habits and most urgently, your organization.

Take advantage of Kingston’s Encrypted USB line, including the renown IronKey solutions, which covers all business and government needs / requirements. Learn more

What’s important?

Visual image of Confidential files

There is still a long standing variable within the human element / insider threat which contains the issues of lax standards, policies, along with lack of accountability and responsibility. Data, Personal Identifiable Information and confidential information are still the key elements in need of our most profound protection.

Encrypted USB, non-cloud storage a must!

Recent breaches, exposures and compromised assets have highlighted that most of these incidents were from preventable mistakes that we allowed to happen. Simple oversights ranging from lack of attention, priority to not having proper standards, policies and procedures in place were the culprits in majority of incidents.

This involves the safety, security and protection of citizens / employee information ranging from personal information to healthcare and financial information. Additionally, need of protecting confidential corporate information, national security and defense strategies and intelligence.

Are you the next headline?

Visual image – cool CyberSecurity Regulations

2018 Regulations: Avoid enormous fines and lawsuits from non-compliance

Both EU GDPR and NYDFS - 23 NYCRR 500 call for data encryption:

  • Security of data processing standards
    • Organizations to encrypt sensitive data both in-transit and at-rest.
  • EU GDPR: Encryption of personal data" (Article 32, Security of processing)
  • NYDFS: Encrypt sensitive data both in-transit and at-rest. (Section 500.15 Encryption of Nonpublic Information.)

Top 3 things

Visual image – understanding / planning / check list

Cloud Storage / Non-Cloud Storage

As we know, the cloud is a great solution, but are you certain of a few things?

  • Consistent access – Will you always have internet access?
  • Reliable / secured access – Can you trust the “free” WiFi while logging in?
  • Next Cyber-attack – Did you get hit with a malware / ransomware?

With an Encrypted USB drive (WiFi or not) you can rest-assure that your data is protected, available and if lost, confident no one will have access to the encrypted files.

Compliment your existing endpoint security at the device level of Data Loss Prevention (DLP).

Visual image – cool endpoint management solution

Kingston / IronKey Encrypted USB’s are the perfect solution to avoid shutting down all USB ports. The last thing you need is to intentionally create a non-efficient or non-productive mobile workforce.

Endpoint security can offer many advantages in user and group profile policies.

  • Determine who should or should not have access to the USB port
  • Issue a company standard Kingston Encrypted USB drive
  • Locking in a specific model USB drive - only that 1 Encrypted USB drive will work
  • Lock out any other device that is plugged in – only the company issued encrypted usb drive
  • Allow or restrict files that can be transferred to the encrypted usb drive
  • Monitor what files are being transferred and last time the drive was used

Manage threats and Reduce risks

Visual image of Kingston family Encrypted USB

Kingston’s family line up of Encrypted USB drives, including the renown IronKey solutions provide multiple levels of security, data protection and risk management features.

  • 100% Compliant Encrypted USB data protection storage
  • Hardware based 256-bit AES Encryption in XTS mode
  • FIPS 197 and FIPS 140-2 Level 3 "Certified"

Management solutions available
Instantly gain complete and granular control over all of your encrypted USB drives

  • Safeconsole - DTVP 3.0 & DT4000G2 Managed
  • IronKey EMS - IronKey D300 Managed & IronKey S1000 Enterprise

Learn More

Infographic on EU GDPR and how Encryption is required.

Global Regulation on Encrypted Data Protection:

EU General Data Protection Regulation (EU GDPR)

EU General Data Protection Regulation (EU GDPR) Effective: May 2018

Applies to every organization that processes personal data of EU citizens, will take full effect in May 2018. Organizations to implement and ensure a level of security appropriate to the risk, including…encryption of personal data" (Article 32, Security of processing)
Learn more

New York Department of Financial Services (NYDFS - 23 NYCRR 500)

New York Department of Financial Services (NYDFS - 23 NYCRR 500) Effective: February 2018

Applies to every organization in New York that processes corporate / personal data. The proposal calls for organizations to encrypt sensitive data both in-transit and at-rest. (Section 500.15 Encryption of Nonpublic Information.)
Learn more

TAA and FIPS logos

Related Products

Related articles