In the evolution of technologies some tools that once seemed fundamental to us have almost completely disappeared. And we are still in a phase of constant change.
Not too far back in time, from the 90s onwards the Compact Discs spread almost everywhere, allowed definitively to store up to 700 MB of data.
At the end of the same decade the Digital Versatile Discs, known as DVDs, took root and with more or less the same logic, were going to replace the CDs, but increasing their capacity. They were of various types, reaching up to 17 GB (DVD-18).
With the passing of time, these tools have practically disappeared from our desks, and for some years now also from our PCs, first from laptops and then from workstations. They have been supplanted by all the various types of USB memories like keys, hard disks, etc.
These supports have spread very quickly, especially for the following reasons:
• Writing speed:
with the new USB standards, USB keys can reach very high speeds both in writing and reading (to date, around 600 MB/s).
USB media can be reused several times, they don’t have rewriting problems like CDs or DVDs could have.
• Reduced cost:
today we get to have about a storage cost of 0.000103$ per MB.
• Big dimensions:
over time they have reached considerable dimensions, allowing in fact to memorize any type of data, from complete images of operating systems, to HD videos.
• No need to be connected online:
being plug and play supports, they don’t require large configurations or special software: both CDs and DVDs, in fact, required at least the software for data burning. This feature has made USB sticks the easiest way for users to exchange data.
The same thing happened in business systems. If with regard to backup systems other much more expensive systems have taken hold, for PC users USB flash drives have always been the simplest tool for exchanging files, for bringing music with them, or for storing data.
At the same time, this ease of use has led to some headaches for network administrators, who in addition to finding effective systems to prevent malicious files brought by unsuspecting users from compromising the system, must also prevent confidential files and data from being transferred in unexpected places. If you think about the WannaCry ransomware, in many cases distributed through a simple USB key, you can understand how “potentially dangerous” the use of USB mass storage is.
The ever increasing awareness of privacy and security is leading to a rethinking of the use of USB storage devices in the corporate environment today. In fact it is no longer the most economical data storage system, if you think that there are services that allow the storage of a USB key at the same price (also adding additional services, such as backup and warranty of availability): today saving 2 TB of data in the Cloud costs about $350 with unlimited duration, therefore already equal to $0.0001 per MB of USB keys.
File sharing is made really easy today, starting from simple network shares, to arrive at all the solutions of different vendors (Google Drive, DropBox, Citrix Sharefiles, …). So today, at least in a business environment, where internet connection must be seen as a vital resource for system operation, I no longer see the need to allow the use of USB media for sharing or archiving file.
However, a challenge remains: to educate users to use these services, and to “modify” their way of dealing with them. Often this fact is underestimated, and while providing new services to users, they continue to work as they always did. For this reason, once implemented data centralization and advanced sharing solutions, it is still necessary to check that users behave according to company policies.
It is actually complicated to prevent the use of USB keys, but, particularly on Windows systems, it is possible to disable some ports through specific registry keys, or disable the use of peripherals of a particular type. Another way is to use Agile from version 2.6.1 onwards: in fact it provides a graphical menu to choose which USB devices to allow access to the system and which ones to disable, both on PCs with Windows operating system, and on Raspberry.