Military ban against USB drives partially lifted

Share this article:
After a more than yearlong ban, USB drives and other removable media devices may now be used on military networks under “very specific circumstances and guidelines,” according to the U.S. Strategic Command.

“This is not a return to business as usual," Vice Adm. Carl Mauney, deputy commander of the U.S. Strategic Command, told SCMagazineUS.com in an email on Friday. “There remain strict limitations on using these devices.”

The U.S. Department of Defense (DoD) originally banned USB drives and other removable media devices in November 2008, after a worm infiltrated Army networks. A variation of the worm, W32.SillyFDC, was targeting thumb drives and other removable media and spreading through military networks. To stop the infection, all removable storage devices — including USB drives, external hard drives, cameras and some printers — were prohibited on all military networks.

The order to partially lift the ban came last week from Gen. Kevin Chilton, commander of the U.S. Strategic Command, and is applicable to all DoD information systems, Mauney said. Under the order, removable devices should only be used as a “last resort” when it is necessary to carry out a mission and there is no other way to transfer data.

Also, only government-procured and owned devices will be allowed. Personally owned devices will continue to be prohibited.

“After extensive testing of mitigation measures, DoD decided to make this technology available again on a strictly controlled basis on DoD computers,” Mauney said. “Since the order restricting use of removable media, DoD developed capabilities and processes that allow safe use of these devices.”

Removable media devices, which also include most cell phones and all MP3 players, have their benefits and their drawbacks, said Frank Kenney, vice president of global strategy at network monitoring and file transfer software vendor Ipswitch.

They allow employees to be productive and to access the data they need, when they need it, he said.

“Yet as more people become reliant on these devices, they are exposing themselves to huge potential gaps, where the intelligence of a business or organization can be seriously compromised,” Kenney said.

Military network administrators can monitor and audit activity on DoD networks, including files that may be introduced through removable devices, Mauney added. The DoD regularly monitors its networks for intrusions and has procedures in place to address threats, he said.

Share this article:

Sign up to our newsletters

More in News

BlackBerry acquires voice and data encryption firm Secusmart

On Tuesday it was announced that the phonemaker would purchase the voice and data encryption firm.

OTI report exposes economic costs of NSA spying

OTI report exposes economic costs of NSA spying

A report from New America OTI found that the NSA surveillance program has had a chilling effect on U.S. commerce and foreign policy.

Breach index: Encryption used in 23 percent of Q2 incidents

Breach index: Encryption used in 23 percent of ...

Out of the 237 disclosed data breaches last quarter, encryption was used in only 10 instances.