The Heathrow USB Drive Didn't Have To Be a News Story

What happens when someone sees a USB drive lying on the sidewalk? About half of the time, as multiple experiments have demonstrated, the person will pick up the drive, take it home, and plug it into his or her computer.

What happens next depends on what’s on the drive. If it contains identifying information, the finder might return it to its rightful owner. If it contains malware, it might kick off a widespread cybersecurity crisis. If it contains a few gigabytes of classified airport security information, including patrol timetables and maps of the security facilities used by foreign dignitaries, it becomes one of the most embarrassing security breaches of the year.

The mysterious Heathrow Airport USB drive, discovered a few weeks ago by a Londoner on his way to the library, contained an incredible amount of sensitive data. Along with information on procedures used to protect the Queen and other high-profile travelers, the files contained maps, identification requirements, and technical information on the airport’s ultrasound radar scanners. In all, the drive held more than 2.5 gigabytes in more than 170 files.

The drive is not the problem

Next to “Where did the drive come from?” the most common question regarding the incident has been “Why wasn’t the drive encrypted?” It’s a logical inquiry to make, since encryption would have rendered the drive unreadable to anyone without the key: the passerby who found it, the editors of the Sunday Mirror, or any less-honorable person who might have discovered the drive instead.

There’s a more important question, however, that no one seems to be asking: why wasn’t the data encrypted before it was saved to the USB drive?

To say that the drive itself should have been encrypted is to assume the maps, procedural documents, and other files were transferred to the drive by someone authorized to have them the first place. It’s possible that the files were stolen, however, in which case the security breach had already happened before the data landed on the drive.

Persistent protection

If, on the other hand, the sensitive files had been protected by persistent encryption when they were first created, the lost USB would have been entirely unimportant, no matter where it came from.

If hackers broke into the airport’s network and saved the files to a flash drive, all they would have to show for their efforts would be 2.5 gigabytes of completely unreadable data. If an airport employee copied the files to a drive and then lost it on the way home, he or she would not have exposed a single bit of data to potential misuse. The encryption that was applied to the files in their original location would have traveled with the data onto the USB drive (and anywhere else the information was shared or stored), eliminating the negative publicity and increased risks that Heathrow now faces.

Persistent encryption is the only way to keep data safe throughout its entire lifecycle, no matter where it travels or how many times it is copied along the way. Unlike other forms of encryption (including the full drive encryption many people insist should have been used on the lost USB), persistent encryption is not limited to a single device, transfer medium, or operating system. It is applied to the data itself, providing a measure of protection against internal and external cyber threats that no other approach can match.

What happens when someone sees a USB drive lying on the sidewalk? If the data on the drive is protected by persistent encryption, nothing happens at all.

PKWARE’s Smartcrypt is the only data protection solution that applies persistent encryption on every enterprise computing platform. Find out how Smartcrypt can keep your organization’s sensitive information safe today.