USB corporate data theft easy to track: Websense

Websense security director Alex Watson believes he has a method to track which computers have USBs connected on a company which could lead to a fall in corporate data theft.

In a recent blog post about data theft via internal networks, Watson says that the default setting in Microsoft Windows operating systems sends crash reports every time there is a change in hardware to a PC on the network. Windows considers a USB connection to be a change in hardware and the resulting report can be used to track which computers on the network have USBs connected, a potentially vital clue for tracking data crime.

The recent incidents of data theft via internal networks such as those by Edward Snowden at the NSA and a consultant working at the Korea Credit Bureau should be of concern, he said.

His methodology does not outline the specific data being stolen, but by limiting searches to PCs that have access to sensitive data, Watson said that the search could still be a useful, and free, tool for IT managers.