There are certainly benefits and advantages to being able to carry massive amounts of files and data in your pocket. However, the small size and gargantuan storage capacities also make portable media very easy to lose or misplace, and a prime target for criminals.
Whether it is a USB thumb drive, an external hard drive, a smartphone, a tablet, or some other device, it is not uncommon for people to have 32GB, 64GB, or even a terabyte of data on them. The data could be a music library or albums of personal photos, or it could be an entire patient or student database–complete with Social Security numbers, driver’s license numbers, home addresses, and other valuable information.
According to the Privacy Rights Clearinghouse, a non-profit organization dedicated to protecting consumer privacy and raising awareness of privacy concerns, there were 142 reported data breach incidents in 2010 involving portable storage devices. Those incidents led to the compromise or exposure of nearly 7 million records. That amounts to 7 million possible cases of identity theft or credit fraud, or 7 million violations of security and privacy mandates such as HIPAA or PCI DSS.
It is important that organizations limit the types of data that are allowed to be stored or transported on portable media, and that data that is stored on portable devices is properly protected so that–even if the device is lost or stolen–the data it contains will be safe.