Employees are aware of the risks associated with inadequate USB drive security, yet aren't following best practices, according to the report, “The State of USB Data Protection 2019: Employee Spotlight.”

The report reveals that employees have been the main driving factor behind the use of USB drives in the workplace (according to 68 percent of respondents) and have also been placing their organizations at significant risk. For example:

  • While 91 percent of respondents claimed that encrypted USB drives should be mandatory, a full 58 percent of respondents confirmed that they regularly use non-encrypted USB drives.
  • 64 percent of organizations have a policy outlining acceptable use of USB devices, yet 64 percent of respondents said their employees use USB drives without obtaining advance permission to do so.
  • Nearly half of employees lost a USB drive without notifying appropriate authorities about the incident.

One of the most alarming statistics was the fact that employees are taking more security shortcuts than ever before, including:

  • A higher percentage of employees are using USB drives without obtaining advance permission to do so: 64 percent in 2018, compared to 57 percent in 2017.
  • There has been an increase in the percentage of employees that aren’t notifying appropriate authorities after losing a USB drive: 48 percent in 2018 versus 39 percent in 2017.
  • In another example of employees unknowingly putting their organizations at risk, there was an uptick in the proportion of employees that use non-encrypted USB drives, such as those received “free” at conferences: 58 percent in 2018, compared to 56 percent in 2017.