USB The Answer to Information Governance - Pens Set to Save Public Sector £Ms

Encrypted pen drives are being hailed by the public sector as offering cashable savings and a secure method of transporting data according to NHS IT infrastructure specialist, CSA Waverley.

The company believes this grass roots approach is perceived to offer considerable savings but only if the encryption level is delivered appropriately and there is widespread communication of overcoming further dangers, such as virus risk, associated with using USBs.

The company has seen sales of these encrypted devices rocket in the later half of 2008 and expects the trend to continue well into 2009 as public health organisations are ordering tens of thousands of devices at a time. The trend is supported by research from IT reseller Probrand that shows encrypted pen drive sales were up 10% for the last quarter of 2008.

The move follows ongoing public sector information governance issues but is contrary to e-Health Insider industry surveys that have found many organisations have made moves to ban mobile devices, such as USB sticks. 44% of public sector respondents said their use was restricted, 6% said they had been banned. Equally, some 11% reported physical implementation of information governance policy such as gluing up of USB ports.

But the environment of information governance and the public health sector are simply showing agility, says CSA Waverley’s Steve Nicholls: “Banning of mobile devices can only be seen as an immediate knee jerk reaction to an issue and of course that will relate to unprotected, unencrypted devices.

“We are now seeing positive steps by the public health sector to adopt cost effective, tried and tested technology that will deliver improved data security if used and implemented correctly.

“This means a strict policy that eradicates employee use of personal devices in the working environment and calls on the implementation of an appropriately high level of encryption and auditability regarding the movement of information using mobile devices.”

However, recent acknowledgements are also suggesting that USB sticks are unneccessarily exposing PCs and organisations to viral infection and this is prompting an uplift in sales of devices that block unauthorised usage of USB ports.

Nicholls continues: “The public health sector needs to take a measured and planned approach to tackling the issue of data and infrastructure security and business continuity. The malware threat is manageable but exploits the USB autorun Windows facility and the public sector needs to account for comunicating this risk to its employees.

“We would urge a positive approach to adopting methodolgy that uses tried and tested encrypted USB technology rather than a straight forward ban, which would be taking a step backwards and simply limit solutions to the information governance headache.”