Gotta love this. A supplier called Credant has, of all inventive things, conducted a survey of dry cleaners and laundrettes – and discovered more than 17,000 USB sticks were left behind in 2010 in clothes left to be dry cleaned. A 400% increase from 2009! (A note on methodology; there are about 4,500 such businesses in the country all told – the firm extrapolated the 17,000 from the 500 it got results from.)
More than 500 dry cleaners and laundrettes from around the county participated in the somewhat unusual research exercise, which of course has the serious point that a lot of these forgotten items will almost certainly contain proprietary data and most probably, confidential client or organisational data.
"The numbers of USB sticks forgotten in trousers and shirt pockets is staggering and is a direct result of growth in ‘IT consumerisation,’ as consumers today carry more and more mobile devices than ever before, such as smart phones, laptops, iPads, USB sticks and other portable devices," claimed the firm’s VP marketing, Sean Glynn. "Consumers leave the USB sticks behind, creating a potential risk for their employers if these devices end up in the hands of criminals."
USBs are the cheapest and most convenient means of storing private data – but, as the company says and surely we all know by now, they are also the most easily lost devices.
With so many thousands of USBs left in dry cleaners alone, the probability increases that valuable corporate data resides on them, presenting a potential security risk for a consumer’s employer, argues the vendor – and can you blame it?
As anyone tracking information security and/or these rolling blogs knows, since the ICO was given the power to fine organisations for breaches of the Data Protection Act (DPA), four big civil penalties (they are not fines – as we explained here) have been issued since then, e.g. Ealing Council for £80,000 and Hounslow for £70,000.
"With the best intentions in the world," says Glynn, "the reality is devices are often left behind and the information they contain could be devastating if disclosed — over and beyond the ICO fines. Organisations need to plan for this when developing their security strategies."
The study in a way is a bit of fun but does also have the serious point that if there was one thing we probably wish we could ‘take back’ as an invention – it has to be super-portable data devices.
Yes, they are great. But at least with the old floppy disks to take anything of useful size required about 40 of the buggers and the patience of copying them in and out.
A USB can take, and hide, all sorts of sins and that’s why so many, of them, it seems, end up covered by nasty substances like PERC (perchloroethylene) and DF-2000 (the main agents commercial dry cleaners use) – and, of course, more importantly, easy for third parties to pick up and idly check out on all the ubiquitous USB drive.
Eventually, of course, we’ll learn; we all stopped carrying so much cash because it’s so easy to mug, then we were all happy to adopt Chip and PIN to cut down on plastic fraud.
Only in this case, what will happen won’t be (as it logically should) safer USBs (we have them already – no-one uses them), but we’ll just stop messing with the damn things and find some other medium.
Which we’ll also leave in our pockets. Human nature, eh – plus ca change…
