Good data comes in small packages..

I have a security consultant friend who was once asked to come down and evaluate the security of a company that wanted their network security assessed. When he started to examine the various workstations he noticed that USB ports were sealed. He asked one of the in-house security personnel what was up. Apparently, the organization was so concerned that somebody was going to steal data or bring malware into the company network via finger drives that the USB ports were sealed shut with cyanoacrylate (a.k.a. Super Glue). This was many years ago when finger drives were just coming into their own and this extreme method of security was born largely out of paranoia.

You only need to google ‘USB Drive security’ to see that today there are numerous software and hardware solutions available that help to eliminate the stealing of company data from workstations and servers and even the pilfering of sensitive data contained on the finger drives themselves - which can now hold tremendous amounts of data and do so in smaller packages than ever.  

USB drives - while handy and useful devices - must be secured. Policies only work if they are adhered to by everyone on staff. Access control is important on the company end to prevent data theft from company owned computers. As for sensitive data contained on the drives themselves, encryption and password protection are key. Your network wide AV solution should also have the ability to scan the USB devices when they’re inserted and if malware is detected the drive/USB port needs to be disabled immediately.