Major recent example of an unencrypted USB breach

Visual image of the Queen in Heathrow airport

Heathrow Airport in London (30 October 2017) uses unencrypted USB drives for its non-cloud storage. Unfortunately, it was not standardized on encrypted USB drives. The failure to implement proper standards in data security / data loss protection with encrypted USB storage has now cost the EU a major breach of confidential and restricted information.

London – An unencrypted USB just gave away confidential and restricted files:

  • The drive had 76 folders / 174 documents
  • Details of measures used to protect the Queen
  • Files disclosed the types of ID needed to access restricted areas
  • A timetable of security patrols
  • Maps pinpointing CCTV cameras
  • One document highlighted recent terror attacks and talked about the type of threat that the airport could face

USB losses like this happen more frequently than expected and are prime examples why implementing an encrypted USB standard/policy should be a top priority; both within your personal habits and most urgently, your organisation. Learn more

Take advantage of Kingston’s encrypted USB line, including the renowned IronKey solutions, which covers all business and government requirements. Learn more

What’s important?

Visual image of Confidential files


Key variables in this regard are the human element and insider threat due to lax standards/policies and a lack of accountability and responsibility. Data, personally identifiable information and confidential information are the main elements in need of the most secure protection.

Encrypted USB, non-cloud storage is a must!

As recent breaches, exposures and compromised assets have shown, most of these incidents occurred due to preventable mistakes. The majority of incidents can be attributed to simple oversight due to a lack of attention or a failure to implement proper standards, policies and procedures.

It is essential to ensure the security and protection of citizen/employee information, ranging from personal information to healthcare and financial information. There is also an urgent need to protect confidential corporate information, national security, defence strategies and intelligence.

Are you the next headline?

Visual image – cool CyberSecurity Regulations

2018 regulations: Avoid significant fines and lawsuits from non-compliance

Both EU GDPR and NYDFS - 23 NYCRR 500 call for data encryption:

  • Security of data processing standards
    • Organisations must encrypt sensitive data both in-transit and at-rest.
  • EU GDPR: Encryption of personal data (Article 32, Security of processing)
  • NYDFS: Encrypt sensitive data both in transit and at rest. (Section 500.15 Encryption of Nonpublic Information.)

Top 3 requirements

Visual image – understanding / planning / check list

Cloud storage / non-cloud storage

As we know, the cloud is a great solution, but you must also consider the following factors:

  • Consistent access – Will you always have Internet access?
  • Reliable/secure access – Can you trust “free” Wi-Fi?
  • Next cyber-attack – Are you at risk of malware/ransomware?

With an encrypted USB drive (with or without Wi-Fi) you can rest assured that your data is protected and available when you need it. If lost, you have the confidence that no one will have access to the encrypted files.

Compliment your existing endpoint security at the device level

Visual image – cool endpoint management solution

Kingston/IronKey encrypted USBs are the perfect solution to avoid shutting down all USB ports. The last thing you need is to intentionally create an inefficient or non-productive mobile workforce.

Endpoint security can offer many advantages in user and group profile policies.

  • Determine who should or should not have access to the USB port
  • Issue a company-standard Kingston encrypted USB drive
  • Lock in a specific model of USB drive - only one type of encrypted USB drive will work
  • Lock out any other device that is plugged in – only the company-issued encrypted USB drive will work
  • Allow or restrict files that can be transferred to the encrypted USB drive
  • Monitor what files are being transferred and the last time the drive was used

Manage threats and reduce risks

Visual image of Kingston family Encrypted USB

Kingston’s family of encrypted USB drives, including the renowned IronKey solutions, provides multiple levels of security, data protection and risk management features.

  • 100% compliant encrypted USB data protection storage
  • Hardware-based 256-bit AES encryption in XTS mode
  • FIPS 197 and FIPS 140-2 Level 3 "Certified"

Management solutions available

Instantly gain complete and granular control over all of your encrypted USB drives

  • SafeConsole - DTVP 3.0 & DT4000G2 Managed
  • IronKey EMS - IronKey D300 Managed & IronKey S1000 Enterprise

Learn More

Infographic on EU GDPR and how encryption is required

Global Regulation on Encrypted Data Protection:

EU General Data Protection Regulation (EU GDPR)

EU General Data Protection Regulation (EU GDPR) Effective: May 2018

Applies to every organization that processes personal data of EU citizens, will take full effect in May 2018. Organizations to implement and ensure a level of security appropriate to the risk, including…encryption of personal data" (Article 32, Security of processing)
Learn more

New York Department of Financial Services (NYDFS - 23 NYCRR 500)

New York Department of Financial Services (NYDFS - 23 NYCRR 500) Effective: February 2018

Applies to every organization in New York that processes corporate / personal data. The proposal calls for organizations to encrypt sensitive data both in-transit and at-rest. (Section 500.15 Encryption of Nonpublic Information.)
Learn more

TAA and FIPS logos

Learn more about encrypted USB drives - Kingston Technology

Encrypted USB Flash Drives

DTLPG3

DataTraveler Locker+ G3

DT2000

DataTraveler 2000

DTVP30

DataTraveler Vault Privacy 3.0

DTVP30AV

DataTraveler Vault Privacy 3.0 Anti-Virus

DTVP30DM

DataTraveler Vault Privacy 3.0 Managed Solution

DT4000G2DM

DataTraveler 4000G2DM

IronKey

IronKey D300

IronKey D300/IronKey D300 Managed

Ironkey S1000

Ironkey S1000/Ironkey S1000 Enterprise