Over the years, USB memory sticks have improved in a variety of ways: smaller size, larger storage and faster than ever before. Because of these improvements, a large number of people now choose to store extremely valuable and personal data on them. This sounds great, but USB sticks how one major downside: they are very easy to lose!
Real-life example of the need to protect USB data
A member of the team from the German Ontrack office was on a business trip in Freiburg. While she was having a coffee on the main market square she found a USB stick lying on the pavement. In order to try to locate the owner, the team member brought it into the Ontrack office to check the content.
Using a secured computer, the team member went to work trying to locate some information about the owner. The stick was fully loaded with personal and sensitive material including scans of I.D cards, home loan application, bank statements, salary statements, credit card applications and three years’ worth of tax assessments.
Additionally, there were lots of detailed documents of two different houses in the Freiburg area describing the costs and charges for their construction and renovation.
This was definitely a USB stick the owner did not want to lose!
It is understandable that the owner of the stick (a real estate agent) would have wanted to keep all the necessary information he needed with him to enable him to do his job wherever he was located, however, this has major flaws.
As you can imagine, if this USB stick has fallen into the wrong hands it would have been very easy for a criminal to steal the owner’s identity, steal money or sell the personal information to the dark web.
Storing personal information on an unsecured USB stick is a risky business, and should be avoided by all means necessary!
USB Encryption
If you absolutely have to carry personal information on a USB, then it is sensible to encrypt the device. There are many solutions on the market – some free of charge – which can be used. Often when purchasing a brand new stick, an encryption solution is already supplied by the producer.
In case that your USB does not come with an encryption tool, there are several products available. Among them are:
VeraCrypt – works on Windows, OSX, and Linux (a quick how-to is below).
- After downloading and installing the program, click on "Create Volume"
- Select "Encrypt a non-system Partition / Device" and click on "Next."
- Under "Select Device", select your USB stick, enter a password and your stick should be safe.
- However, you should perform this procedure before uploading your data, as all data on the stick will be deleted.
- To access the encrypted data, you also need VeraCrypt
- Click on the button "Select Device".
- You select the stick, click on "Mount" and enter your password.
- "Dismount" will allow you to release the stick.
How to encrypt a USB stick
On-board resources with Windows 7, 8 and 10 (not included on home version) – works with the "Ultimate", "Pro" or "Enterprise" version (a quick how-to is below).
- To start you must click on the stick in the Windows File Explorer with the right mouse button.
- Under "Properties" you will find the tab "General".
- Click on "Advanced", activate
- "Encrypt content to protect data" and confirm with "OK".
You should be advised that you should back up the data encryption certificate and the key - if lost you will no longer be able to access the data in the directory. Therefore please click on "Back up now” (recommended)".
Set a password
- In the dialog "Security" you can set your password. If it says, "File Encryption is enabled on this computer," click "Start," then "Properties" and "System."
- Under "Info" you can change the "BitLocker settings" and activate the program.
- The USB stick is addressed under "Removable Disk - BitLocker To Go".
IS encrypting a USB stick enough to protect personal data?
Well, there are quite a few experts who find software encryption too insecure. For these individuals, they would suggest opting for a USB key with a hardware encryption.
With this method, the only way you can unlock the USB stick is with a decryption key (a small keyboard).
If you go with this option, there are some key points to remember:
- If you lose your decryption or hardware key, there are no means of getting your data stored on the USB back (even data recovery experts won’t be able to!).
- Make sure you always have another copy of stick´s content stored somewhere else as an emergency backup
- Always keep your USB stick and your decryption key in separate and secure places when travelling.
- In case you have difficulties getting access to the content on the stick, it might have come to the end of its product life. In this case, it is better to destroy it, for example using a dedicated software tool to ensure all data has been suitably destroyed.
Luckily for the owner of the USB stick in our example, his personal information was returned to him, along with some valuable advice regarding USB encryption!