52% of Cyber Attacks Target USB Drives: How to Secure Your Business Without Losing Productivity

The Universal Serial Bus (USB) has become an essential and widely used interface for connecting a vast array of devices to computers and other electronics. Businesses benefit from USB devices thanks to several advantages like effortless file transfer, offline access, and cost-effectiveness. However, the same convenience and versatility factors that make USB technology so popular have also introduced potential threats and critical risks that need to be addressed. 

According to Honeywell Cybersecurity Research, 52% of cyber threats were specifically designed to utilize removable media like USB or pen drives. Some of the potential concerns on using USB devices include:

• Malware attack through infected drives, 
• Unauthorized data leaks due to accidental or intentional sharing, and 
• Difficulty in ensuring compliance with data privacy regulations. 

Simply encrypting USB devices or outright banning them might not be the answer. USB drives serve multiple purposes and device-wide security rules can hinder legitimate use. To address this issue, SureMDM lets you configure advanced USB management capabilities at each device level for optimal results, without compromising usability.

USB Security Management on Windows Devices

SureMDM empowers IT admins to protect company data by managing USB connectivity on managed devices. Here's how:

• Restrict Unauthorized USB Devices: Admins can create a list of ‘Approved’ and ‘Prohibited’ USB devices, mitigating potential security risks associated with unauthorized USB devices.
• Fine-Grained USB Management: SureMDM offers granular control over USB ports. Admins can configure settings for individual devices or apply different rules to groups of devices, ensuring a flexible and adaptable security posture.

USB Security Management in Windows is done by adding DeviceClassID and DeviceInstanceID to the USB Media Control Profile on SureMDM for various USB devices. 

Check this article for a step-by-step guide on how to set this up for your Windows devices. 
Note that, to configure USB Media Control Profile, the Windows device has to be enrolled into SureMDM using Windows EMM enrollment method or Dual Enrollment.

Why you need USB Security Management for Windows Devices

• Avoid potential data theft and loss caused by employees using personal USB sticks. 
• Mitigate risks associated with malicious programs or code and enhance corporate security. 
• Leverage SureMDM with BitLocker to significantly strengthen your defenses against accidental data leaks through removable USB drives. By using BitLocker, you can ensure that any data transferred to removable drives will require mandatory encryption, safeguarding sensitive information regardless of the organization using the drive.

USB Security Management on Linux Devices

Using SureMDM, customers can use the serial number of Linux devices to control access to specific USB devices.

Why you need USB Security Management for Linux devices

• Avoid potential data theft and loss caused by employees using personal USB sticks. 
• Mitigate risks associated with malicious programs or code and enhance corporate security. 
• Ensure only encrypted USB drives are connectable to laptops, and force encrypt any USB devices that are yet to be secured.
• Enable read-only mode for unencrypted USB devices and block write-protection.

USB Security Management on macOS Devices

Using SureMDM, admins can fully block or allow the use of USB storage devices on MacBooks, providing a robust layer of security for your enterprise devices.

Why you need USB Security Management for macOS devices

• Block or allow USB devices as per business requirements and avoid potential data theft and loss by unauthorized USB sticks. 
• Mitigate risks associated with unauthorized software installations, malware, and ransomware attacks.