Features, Insight, Opinion

Encrypted USB drives and cyber threats facing the financial sector

By Antoine Harb, Team Leader, Middle East and North Africa at Kingston Technology

The banking and financial sector faces heavy cybersecurity challenges, with hackers consistently zeroing in on its rich trove of sensitive data. Figures released by IBM and the Ponemon Institute revealed that the average cost of a data breach in the financial sector in 2021 was at USD 5.72 million[1].

Without a doubt, cyberattacks lead to astronomical financial losses and reputational issues that can erode customer trust. Banking and financial institutions have, thus, been ramping up their cybersecurity protocols to combat online breaches and comply with existing local and international regulatory requirements.

Implementing a comprehensive cybersecurity strategy specific to the needs of the industry in general and the organisation in particular is crucial. Data protection through encryption and backup is one of the fundamentals of practical corporate information management tactics.

However, for some banks, owning their data infrastructure is preferable than collaborating with third parties for their data encryption, storage and backup requirements. They turn to mobile security solutions as part of their measures of securing and keeping the integrity of their data and applications.

This is where encrypted USB drives come in. Specifically, hardware-centric, software-free encryption is considered one of the more effective, non-complicated solutions to online network breaches. By using state-of-the-art encrypted USB devices, organisations can also be more confident in meeting stringent regulatory standards, minimising risks and ensuring optimum data protection and safety.

With custom architectures that incorporate a premium onboard encryption controller and access control, these USB drives are designed with advanced security features. They work by encrypting data using the strongest AES-256 bit encryption in XTS mode, and then combine this with other safeguards to combat physical- and firmware-based attacks. More specifically, FIPS 197 or FIPS 140-2 Level 3 drives can add greater data protection levels, which are an essential data security requirement for businesses and government entities.

With hardware-encrypted USB drives, deploying relevant software programs is unnecessary. As the software program is removed from the equation, an organization can significantly reduce its exposure to software vulnerabilities such as brute-force, sniffing and memory hash attacks.

Furthermore, with hardware-encrypted USB, banks and other financial services institutions are more positioned to prevent users from turning off encryption, resetting the password rules— specifically the minimum length and complexity— and disabling the automatic password retries.

A unique recognition feature that can identify the manufacturer (vendor ID) and product model (product ID) increases data security as well. Thanks to this functionality, if a drive is plugged into the company’s inner or outer firewall, it can be identified as a company-issued device by using a unique serial number. The feature is available on all of Kingston Technology’s encrypted USB drives.

Another advantage of utilising hardware-encrypted USB is that the device allows an administrator to establish information access criteria for the user and then integrate this with existing local endpoint solutions. This is highly critical, especially in cases of malfunctioning cloud storage or when data is stored in devices that are not networked and for which offline access is required. It should be noted, however, that not all hardware-encrypted USBs are equipped with such a feature.

High-performance hardware-encrypted USB drives serve as an extra layer of data protection, acting as secure portable storage that meets ever-changing requirements. They permit fast data transfer and ensure safe data storage and backup, especially at times when regulatory information is needed to be hand delivered or when documents are required to be printed out on-site or off-site, among others.

Providing peace of mind, these compliant devices are not only easy to use and deploy but also more capable of fighting off brute force attacks compared to software encryption. This is because hardware encryption is designed to be separated from the host system, thereby making it much harder to breach.

With the rising popularity of cloud storage, some may consider USB drives as no longer relevant in today’s industry landscape. But with their advanced features, hardware-encrypted USB drives, in reality, afford better data protection, confidentiality and compliance standards.

[1] https://www.upguard.com/blog/biggest-cyber-threats-for-financial-services

Previous ArticleNext Article


The free newsletter covering the top industry headlines