Got your data security sorted? Reckon there’s no way anyone can steal data from your computer or network devices? Great! That must mean you’ve solved the worst security problem plaguing corporations around the world.
In truth, data security is complex and difficult. If you think you’re completely secure, it probably means there are vulnerabilities you just aren’t aware of. That’s why it’s important to know the following ways data can be stolen from your PC or network drives.
1. USB Stick
They fit in your pocket or hang on your keyring. They’re compact, easily hidden, and even able to be disguised. But USB flash sticks are a massive security risk.
For instance, they can be lost or stolen. Giving one away that you think might be totally empty could result in secrets being uncovered with recovery software. There is USB-specific malware that delivers worms and Trojans to host computers, just waiting to steal login information and sensitive data.
USB sticks are also easily confused with each other. It’s not uncommon, in a work environment, to take the wrong stick home.
As long as your PC is unlocked, anyone with a USB stick can steal data from it. They simply plug it in, move the data across, remove it, and leave. It’s that easy; far simpler than stealing physical documents.
Tech giant IBM applied a new security policy in 2018: a total ban on USB storage devices. Unfortunately, this seems far too late.
2. Smartphone or Tablet
Image Credit: Marco Verch/Flickr
While they’ve banned USB storage devices, IBM has not announced any limits to that other popular portable storage medium: a smartphone. When set to mass storage mode, a smartphone can appear as a portable hard disk or USB drive to your PC.
Tablets and old MP3 players are recognised in a similar way. For IBM users, this affords an instant answer to their problem of being unable to use USB sticks. Perhaps the company recognises that they can detect what data was transferred to what device, knowing that phones can be associated with people in a way that USB sticks cannot.
Either way, anyone can copy data on an unlocked, unattended computer using just a phone and a USB cable.
3. Flash Memory Card
Smaller than a USB stick, flash memory can be surreptitiously to steal data. Many devices these days feature card readers, often enabling the inserted media to sit flush with the edge of the reader. They can be seemingly invisible.
As with a USB flash device, these little memory cards can be easily pocketed, but rely on an unlocked and unattended computer. Picture this: a friend uses your computer to look through the photos on their camera’s memory card. While they might not have the intention of stealing data themselves, malware can be introduced from the card onto your computer.
All of the risks of USB sticks apply here.
4. Portable HDD or NAS Device
Image Credit: Marco Verch/Flickr
Other risks to your PC’s data exist from portable hard disk drives (HDD). Again, these can be easily connected via USB. But there is another type of HDD that can put your data at risk.
Network Attached Storage is increasingly popular as a means for storing data on a local network, usually at home. NAS boxes are affordable, and can offer data resilience… you could even build your own using a Raspberry Pi.
The thing is, if you’re storing all of your vital data on a NAS box, it’s at immediate risk. Far smaller than a personal computer, a NAS box can be effortlessly connected from your home network, and taken.
Fortunately, you have a solution here: keep your NAS box located out of reach, preferably in a locked environment.
5. Other Removable Storage Media
We’ve looked at the most common compact storage media so far, but there are others that you should be aware of. Writable CDs and DVDs are perhaps the most obvious, although ZIP disks and REV disks (from Iomega) are still used in some organizations. These are smaller (REV disks are essentially hard disk drive cassettes), and therefore easier to conceal.
Meanwhile, although unlikely to get into the hands of most users, tape media is used for mass storage, backup and data recovery in many businesses, and on some home servers. These of course need to be held securely, as they typically hold a copy of the entire contents of a server.
Leaving tapes where they can be picked up and taken would mean losing data from an entire server!
How to Secure and Protect Your Data
So, what data do you have on your computer? Video games? Art work? An in-progress novel? Or something more valuable: customer data, commercially sensitive information, something that will cost you your job if lost?
Whether you’re concerned about data being stolen from your home PC or your work laptop, it is vital that you understand how it could happen. Your data is under physical risk in five ways that you should now be able to recognise:
- USB sticks.
- Smartphones, tablets, and MP3 players (connected over USB).
- Flash memory cards.
- Portable HDD and NAS devices.
- Removable media: optical disks, removable hard disk drives, tapes.
Understanding which devices can be used to pocket data on your computer is important. Don’t let it cloud what is useful, however. For instance, USB sticks can be turned into keys that unlock your PC.
If you’re concerned about the security of the data you’re using, consider using disk encryption. Using a work computer? If your employer expects you to work remotely on data stored centrally, ask them about setting up a VPN. This will improve data security considerably.
One last thing: although these devices can be used to steal data from your computer, they can also be used to introduce Trojans and malware. Ensure your internet security and antivirus apps are up to date!