Security Best Practices for Removable Media and Devices


For those of us who have an altruistic desire to be good global citizens, when we find something that doesn’t belong to us our first inclination is to try and identify who it belongs to. Others could have “selfish” intentions and say “finders-keepers!” In either of the above scenarios, the negative impact could be the same if the item that is found is removable media or a removable device that has malicious software embedded within. 

When it comes to cyber security best practices, removable media and devices must only be plugged or inserted into your computer if you trust/know the source. For example, if you found a USB flash drive in the grass near your office, there’s a chance it wasn’t dropped there by accident but planted there. Attackers are always trying to trick unsuspecting folks into plugging USB devices they find into their computers. Whether your intention is to find out who it belongs to or keep it, the attacker wins – and could successfully execute whatever malicious code they might have placed on the removable media or device. 

Plugging or inserting only trusted removable media or devices into your computer is the best protection against this type of attack. The latest edition of in our security awareness video series, in partnership with, helps you to better understand the risks associated with removable media devices and avoid becoming an unsuspecting victim. 

As always, be extra careful with anything that does not come from sources you trust. That extra care is one of your best defenses against security issues. You can learn more about this and other security best practices at

Isaac Painter
Security Business Operations & Content Lead


Posted on 07-23-2020