Hi folks,
Does anybody's company use a policy where any removable devices like USB drives or "BYOD" have to be encrypted? If so, would you like share the gist of the policy? I'm pretty open with users using their company laptops for certain personal stuff like Facebook or youtube when using the laptops but lately I've noticed that my users like to plug in their personal USB drives which may have malware or suspicious program picked up by our AV. I'm about to put a policy in place where any removable drive used by the company has to be from me and has to be encrypted because of this. I've helped our IT consultants with a client when they were hit by ransomware (NOT FUN!) and they lost ~$30K + 6 months worth of data so I don't want my company to end up the same way.
Does anybody's company use a policy where any removable devices like USB drives or "BYOD" have to be encrypted? If so, would you like share the gist of the policy? I'm pretty open with users using their company laptops for certain personal stuff like Facebook or youtube when using the laptops but lately I've noticed that my users like to plug in their personal USB drives which may have malware or suspicious program picked up by our AV. I'm about to put a policy in place where any removable drive used by the company has to be from me and has to be encrypted because of this. I've helped our IT consultants with a client when they were hit by ransomware (NOT FUN!) and they lost ~$30K + 6 months worth of data so I don't want my company to end up the same way.