Banking Exchange Magazine Logo

“Free” memory sticks can be expensive

How clean is that device you are about to stick in your company computer?

Trouble can sometimes come in very compact packages. Trouble can sometimes come in very compact packages.

Not everything Scott Adams puts in the Dilbert comic strip is funny. In the Dec. 4 strip, the Pointy-Haired Boss tells Dilbert that he has just found a memory stick on the sidewalk.

“It’s like free money!” the boss declares. “Can free money infect our network too?” says IT expert Dilbert.

The boss tells Dilbert he worries too much.

“If you need me,” answers the title character, “I’ll be selling all of my company stock.”


Now, bankers rank smart enough that they wouldn’t insert a found thumb drive into their company laptop. But how often, when you’re cruising the aisles at an industry trade show, do you scoop up, with the free pens, can coolers, and packets of logo-bearing mints, a handful of free memory sticks? And what do you do with them when you get back to work?

Ubiquitous and often not policed

Consider these figures from a poll Apricorn conducted among over 400 IT professionals in finance, government, education, and other fields:

• 9 out of 10 say employees use USB devices today, including USB drives.

• 8 out of 10 say that employees use non-encrypted USB devices, such as the freebies obtained at conferences.

• And 9 out of 10 say encrypted USB devices should be required.

• Only 6 out of 10 firms have a policy in place governing what USB devices are acceptable. Yet only about half of the sample says that their company provides approved USB devices to employees.

Apricorn, manufacturer of encrypted drives, points out in its report that USB drives represent a two-way risk. First, sticking a drive from an unknown supplier—especially one containing files, such as vendor literature—into an employer’s machine may import malware into the company system. Second, when an employee uses a stick to move data, such as taking files home, the employer loses control over company and customer information.

Unencrypted data can be stolen—it just takes losing the stick—and a bad actor may be making off with confidential, proprietary information. The survey found that 87% of the employees surveyed have lost a USB memory device and not told their employer. Only half of the sample said that their companies explicitly require reporting a lost or stolen device. The percentage was higher among financial firms (63%).

Policies not always enforced

Seven out of ten executives polled say that being able to offload data onto a stick increases productivity. However, the survey found some troubling trends:

• 48% of companies require employees to ask permission to use external USB devices—yet only a small portion (15%) actually do seek permission to do so.

• 46% of companies don’t require employees to seek permission.

• Of four key industries, 63% of financial firms have employees not seeking permission to use USB devices—compared to 98% in education; 87% among government entities; and 83% in the healthcare business.

Apricorn’s survey found that some companies use security practices. What’s troubling is the portion of respondents that aren’t using them. They include PINs and passwords (84% do); scanning USB devices for malware (82%); data encryption on device (42%); two-factor authentication (32%); and monitoring and tracking USB usage (29%).

back to top


About Us

Connect With Us


Webinar: From KYC to IDV

How three leading banks are utilizing cutting-edge
digital tools to onboard, win, and wow customers

Time/Date: June 23, 2021 11:00 a.m. ET

Digital adoption, already moving at warp speed, accelerated seven years into the future during the COVID-19 pandemic. As the number of bank branches continues to fall, with at least one study predicting all branches will disappear by 2034 (Fox Business) and foot traffic declining (Vox), today’s most innovative banks are charting a new, digital-first path to win over customers while increasing security, meeting KYC compliance requirements, and winning customers to drive revenue.

In this webinar, you’ll hear from John Baird, Founder & CEO of Vouched, Tyler Crawford, COO of Bankers Healthcare Group, Anand Sathiyamurthy, CPO of Flagstar Bank and Daniel Sheehan, Chairman & CEO of Professional Bank as they describe their vision for digital transformation and how customer expectations are changing to digital first. They’ll also explore how fostering an innovation mindset creates new ways to tackle complex KYC problems and allows them to quickly compete in new markets and win customers.


This webinar is brought to you by:
Vouched Logo