Two-thirds of IT professionals use non-encrypted removable media at work in spite of being aware of the associated dangers.

The survey, conducted by mobile security company Pointsec, revealed that 56 percent of employees downloaded corporate information on to their memory sticks, up from 31 percent last year. While 65 percent of those surveyed were aware of the potential danger that removable media presents, 66 percent admitted to neglecting a revision of their current security policies (with regard to removable devices). Only 21 percent secured them with passwords and encryption, and just 12 percent of organizations banned them completely from the workplace.

Interestingly, 4 percent of the participants felt the best way to avoid loss or theft of information from their device was to keep it in their pockets, even if it meant sleeping with the USB stick around their necks.

The most popular use of the memory sticks was the storage of corporate data such as contracts, proposals and other business documents. Customer names and addresses were stored by 22 percent of the users, with others using them to store presentations, budgets and other documents. One respondent used his memory stick to store his hacking tools while 3 percent found them useful to store passwords and bank account details. Seventy percent used them for downloading music files, reported Pointsec.

http://security.itworld.com/4341/060612mediarisk/page_1.html