Policies are left in the drawer to gather dust

Over two-thirds of the agencies in the study had policies in place regarding portable storage security and procedures when transferring records to external parties. 58% had experienced a breach of a agency issued device the past 12 months only half of these featured any security precautions.
The full report can be downloaded here

What has lead to the action from the Privacy Commisioner are concerns after multiple incidents in the UK regarding lack of security for USB storage. The breaches are ranging over the full spectrum of goverment organizations. The UK is well known for having an attitude of publishing and high-lighting breaches, more so than many countries.

Some of the latest high-profile USB breach incidents in UK

UK police lose USB stick with terrorist intelligence data
Council loses data on children on USB key lacking password protection and encryption
Data on 5000 prisoners are lost on unsecure USB flash drive

Prevent conficker autorun, malware infection. viruses and trojans from spreading over USB into your networks with SafeStick features Authorized Autorun and File Blocker.

Problem

Conficker has highlighted the danger of standard removable USB sticks. Conficker implants a malicious autorun.inf on removable media as one modus operandum. Any software encryption or protection of the drive will go lost in the process as the Conficker infection lurks at the host and has the upper hand over the open USB flash drive. Given the unfortunate success for Conficker this is likely something that will be the target for copycat virus hackers and repeated over and over again.

Further more standard devices with or without only software encryption are not able to guarantee data integrity since data can be tampered with, copied, replaced or infected with viruses without user misbehaviour, it only takes one infected host to load up a removable drive with viruses and trojans.

Solution

The onboard anti-malware that SafeStick provides with Authorized Autorun and File Blocker further strenghtens the onboard security beyond automatic AES256 hardware encryption. The unique technology aids the user in protecting the device from becoming a liabillity. Rogues files can simply not be copied onto the SafeStick as File Blocker feature defends it automatically. The File Blocker can also be configured in SafeConsole to put in place data storage policies such as banning certain file formats for storage and disabling installation of unauthorized applications. Applications deployed using the SafeConsole feature Publisher is automatically white-listed.

Authorized Autorun has been implemented since SafeStick 3.1.0 and File Blocker will be part of SafeConsole 3.3 presented at this years InfoSecurity 2009 in London at the end of April (requires SafeStick 3.3.0 or later). Visit BlockMaster at stand P75 for a demonstration. All present SafeConsole customers are eligíble for the update.

Östner continued:
“This USB problem is one of the most urgent matters for IT departments. That is a statement of fact as 33% of IT staff place it at the top of their agenda.

Losing intellectual property on an open, unsecured USB flash drive could be disastrous for any organisation. There are good reasons to protect trade secrets, aggregated data or other sensitive records, as doing so ensures shareholder value, public confidence, and internal productivity.”

Read more directly from the news sources:

BBC report on the Edinburgh incident
SC Magazine full article
Computer weekly full article