New research from Digital Guardian has revealed that hundreds of terabytes of potentially sensitive corporate data could be threatened by employees who stored data on USB drives while working remotely during the pandemic.
The firm's new DG Data Trends report assessed the risk of losing sensitive data during the Covid-19 crisis. To compile its report, Digital Guardian aggregated and anonymized the data of nearly 200 clients of its Managed Security program around the world.
To better understand how employees stored sensitive corporate data before and during the pandemic, the company analyzed a set of data from January to April of this year. This allowed Digital Guardian to compare the data output models before and after the employees started work from home.
According to the Digital Guardian report, there has been a 123% increase in the volume of data downloaded to USB devices by employees after they started working remotely and 74% of this data has been classified by policies organization data governance.
Cloud storage and USB devices became the preferred exit route for employees during the pandemic and accounted for 89% of all data released. The report also found that data output was 80% higher in the first month after the WHO pandemic was declared. To make matters worse, more than 50% of the output has been classified.
From March 11 to April 15, employees downloaded a total of 336 TB of data to the cloud, a 72% increase from January and February combined.
In a press release, Vice President of Cybersecurity at Digital Guardian, Tim Bandos warned that IT and security professionals should pay close attention to the significant increase in the use of USB devices for data storage, declaring:
“The organizations have accepted that the economic and health effects of COVID-19 will be with them for the foreseeable future and homework will remain a requirement for many of their employees. Our research indicates that remote employees are pulling classified data at unprecedented rates on all exit paths. Executives and security teams would be advised to consider implementing solutions that provide visibility into this behavior and a way to control it to avoid a possible data breach. “