This happened to me.. I was servicing a computer the other day, running updates double checking backups, routine stuff. I had connected across the network using a remote client to a shared computer when I saw a notice in the taskbar that a device was connected and it was ready for use. I blinked and got a worried feeling. I opened up Windows Explorer and spotted a new hard drive.
“Tsk, Tsk”, I said as I opened up the removable drive and started looking at the contents. It was full of personal information, personal and business tax returns with Social Security Numbers and Tax IDs. There was even a scanned copy of the owners driver’s license and a text file full of passwords and usernames for a bank and several online retailers. I closed Windows Explorer and ejected the flash drive from the taskbar. I knew the person who left the drive in the computer didn’t do so on purpose and that she would not want this drive to wander away, so after the updates finished and I sent a reboot command to the computer I wandered down the hallway and retrieved the drive and secured it in an envelope with the office manager.
So what could she have done to protect her data against loss? I have a few tips, of course.
First off, don’t ever let your flash drive out of your sight. If you always know where it is, then someone can’t read from it with out you knowing.. right? I know that this drive was left behind by accident, she was in a hurry after her shift was over and just left without realizing it wasn’t with her. I don’t trust myself not to do the same thing, so my flash drive is linked to my car keys. So I can’t drive away without the drive. Simple.
So that keeps us from leaving it behind but what happens if you drop it somewhere? Use encryption. This, in my opinion, is not an optional step. There are a number of programs out there that can handle this, including BitLocker-To-Go in Windows 7, but I like TrueCrypt (http://www.truecrypt.org/) One nice feature is that you can run this encryption program in a portable mode that lets you open your encrypted volume without needing to install software on the computer you’re using. A word of caution, I still only use this when I know the computer I’m working on has not been compromised or is spying on my actions. Once you open encryption the files are wide open on the computer and it could very easily copy everything you have encrypted right off your drive while you’re not watching.
Lastly, if you find a USB flash drive – don’t just willy nilly slap it into your computer. A slightly infamous case happened a few years ago. An executive was heading out of a restroom and noticed a flash drive had been left on the counter. She picked it up intending to return it to the owner but there was no owner’s label nor corporate logo on the lanyard so she had no idea who owned the drive. She went back to her office and stuck it in her computer’s USB slot hoping to find something she could use to return the drive, however the only file on the drive was a game. She mentally shrugged and started playing the game, it was silly and passed the last hour or so of her Friday and she went home thinking nothing else. Monday came and she walked into her office to find that her computer was already logged in and was accessing Finance and HR records. The game was a cover for virus that contained a payload that let the hacker record passwords and then open a remote control session. The hacker had just dropped a number of flash drives in several office buildings with the hopes that someone would do exactly what the executive did, play the game – load that virus – and give the hacker all weekend to look for data.
~Geof “hey look at this game” Franklin