USB and Removable Media Security

USB and Removable Media Security
✓ SAFE PRACTICE• Never plug unknown USB drives in• Use approved media• Report found drives

The security risks of USB drives and removable media, and how to handle them safely in the workplace.

USB and Removable Media Security

USB drives and removable media are one of the most overlooked security risks in the workplace. They are small, inexpensive, and can carry enormous amounts of data — or malware.

USB Attack Vectors

USB ATTACK TYPES — what can go wrong when you plug in an unknown drive MALWARE DROP Drive contains infected files that auto-run or trick user to open them Classic infection vector BADUSB Drive firmware reprogrammed to act as a keyboard typing commands Bypasses all AV DATA THEFT Employee copies GBs of sensitive data in seconds before resigning Insider threat vector LOST / STOLEN Unencrypted drive with customer data lost in transit → NDB breach 30-day report clock starts

Why USB Drives Are Dangerous

Malware Delivery

Malicious USB drives can automatically execute code when plugged in. BadUSB works because a USB drive can impersonate a keyboard or network adapter — the computer has no way to tell the difference. When plugged in, it “types” malicious commands at 1,000 words per minute, faster than any human can react.

The USB Drop Attack

Attackers deliberately leave drives in car parks, lobbies, and common areas — labelled “Payroll Q3” or “Redundancy List 2025” to entice curiosity. Studies show that 45–98% of found USB drives are plugged in by the finder.
⛔ Important
If you find a USB drive — do not plug it in. Not at your desk, not on a personal device, not “just to check who it belongs to.” Hand it to IT security. The curiosity a found drive provokes is precisely what attackers rely on.

Safe Practices

Action Why
Use only IT-approved, encrypted drives Unencrypted drives cause NDB breaches when lost
Never plug in a found or unverified drive BadUSB and malware risk
Return unused drives to IT Don’t accumulate drives in desk drawers
Report lost drives immediately NDB 30-day clock starts from awareness
Don’t use personal drives on work computers Risk of cross-contamination
Encrypt sensitive data before copying Final safety net if drive is lost
✓ Key Point
Many organisations use endpoint controls (Microsoft Intune, Jamf, or DLP tools) to block unauthorised USB devices entirely. If your organisation has this policy and you have a legitimate business need, request approval from IT rather than trying to work around the block. The policy exists for good reasons.

Secure Disposal

Deleting files or formatting a USB drive does not securely erase the data — recovery tools can restore it in seconds. Return drives to IT for:
  • Physical destruction (shredding)
  • Certified cryptographic erasure (verified overwrite)
Never dispose of USB drives containing work data in regular bins or recycling.
What’s plugged into your business right now?
One curious moment with a found USB drive can hand an attacker your whole network — and one lost unencrypted drive can trigger a mandatory data-breach notification. Mobile Techs IT Service helps Gold Coast businesses take removable media off the risk list — USB device control policies, endpoint protection, encrypted approved drives, certified data destruction, and staff awareness training. Home users welcome too — on-site or remote, anywhere in Australia.