Security of Flash Thumb-Drives and PDAs
USB thumb drives and email enabled PDAs have become extremely useful tools for keeping up with important data and transferring it between computers. They can become a liability, however, if they are lost, stolen, or damaged if you have not taken steps to protect yourself.
Users wishing to maintain Institutional Data on thumb drives or PDAs should follow the prescriptions in UK Information Systems Use Policy in order to ensure compliance with University Policy regarding the use and transportation of this data. Of particular importance are section 4, which defines Institutional Data, and section 8, which stipulates the protection requirements for such data.
To increase your chances of recovering a lost device, you should follow the owner’s manual instructions to set up owner information on the device. If the device does not contain a method for doing this, you may wish to create a text file in the main folder called “Return-to-Owner-Information.txt”. The file name could be different if desired, but you should be sure to start the file name with a word that quickly identifies the content. In this file you should include your current contact information and how the user could return the device to you.
If the device supports it, you may wish to enable its encryption or locking features to protect sensitive data on the device, but be forewarned: if you forget your encryption key, you will be unable to recover the data. For devices that do not directly support encryption, you may be able to purchase software from a vendor that can provide these services. Encrypting or locking the device will also require that you decrypt or unlock it before you access the contents, so this may require that you run special software on the machine(s) from which you are attempting to access the data.
To protect yourself from losing important data, you should make regular backups of any critical data on the device by copying it to a computer’s hard drive or to a CD-Rom or other backup disk.