An unsurprising study was recently released that found even when a portable USB drive is erased, not all of the documents and images are always removed. That, of course, is frightening.

Here’show the research was done:

Researcherswent online to sites like eBay, to second-hand shops, and even auction stores.They bought 200 used USB drives, half from the US and half from the UK. Almost2/3 of the devices had data on them! This data was, for the most part, personaldata, and it can also be used by cybercriminals to steal someone’s identity. Ontop of that, these USB drives can contain malware.

Removing All Data isDifficult

Whensomeone tries to delete or remove data from a USB device, they rarely havesuccess. In fact, of the 100 USB devices the researchers bought in the US, only18 of them were totally wiped clean. The rest of them had data that had beendeleted, but someone could certainly recover it. The UK devices were similar.What’s so surprising about this is that it is extremely easy…and free…forsomeone to fully delete their device. But most people just don’t put in theeffort, and that could definitely hurt them in the future.

USB Devices Can Be Risky

Usingthese devices can be risky, not only for average people, but also forbusinesses. In 2017, for example, a USB device was lost, and it containedsensitive information about Heathrow Airport. The government investigated, andeventually fined the company. The information was not encrypted, nor passwordprotected, and it was found on the street by a random passerby.

Becauseof these risks, some companies, like IBM, have banned the use of USB devices.Instead, employees must use the company’s cloud. Other companies still allowthem, of course, but they could be going down a dangerous road. These devicesare really cheap to buy, and people can save almost anything on them, but theyare also very easy to lose.

There are other issues with USB devices too. First, of course, you have the data on these drives to deal with, but there is also the fact that potential malware could be on the devices. Most companies don’t have the same rules that IBM has, and most consumers don’t think of this at all. This makes people and small businesses very vulnerable. So, if you use USB drives, there is one very important step that you need to take: encrypt it.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.