How to Encrypt A Removable Data Storage Device or USB and Stay GDPR Compliant


Guest piece by Richard LeCount – Founder of USBMakers

The 25thof May has come and gone, but GDPR is here to stay. By now, all businesses should have a robust GDPR strategy in place, covering internal storage systems as well as any external data storage and collection processes.

But – have you also considered the risk of a data leak due to unencrypted USB sticks? Have you even considered portable devices and their access to your data?

Most businesses think that now the date for GDPR has come and gone there’s nothing more to worry about, yet when addressing GDPR, they may have reviewed their digital data collection processes, along with any paper files they hold, but it appears that some overlooked portable devices. 

If you haven’t considered USBs and portable devices as part of your GDPR compliance, think again. 

A misplaced USB – or any portable media device – could land your business in data-breach-hot-water if you fail to take the necessary steps to secure it. Whereas if you lose an encrypted device, the event is merely considered a security breach, rather than a data-related issue. So, you wouldn’t have to alert the authorities to remain in line with GDPR compliance.

In short, it could save your business significant time and money, not to mention your reputation.

So where to begin? You first need to understand how your workforce shares data between one another and with clients, especially if they work both in the office and on the road. Only then can you introduce a secure encryption process to keep you the right side of the GDPR.


4. Quick Steps to Encrypt a USB for Macs

It doesn’t matter what type of business you own, if you store personal, private or classified data on a portable drive, you must guarantee it is secure. Fortunately, encryption is not as complicated as it might sound. We’ve compiled a list of just four steps you can follow for data peace-of-mind.

It’s your lock and key of the data world.

1.    First up, you will need to reformat your USB – so, open the Disk Utility App, select the USB drive, and click ‘Erase’;

2.    Select the MacOS Extended format when you erase the drive, specifying ‘HFS+ filesystem’ to reformat appropriately;

3.    Next, ‘right-click’ the USB drive, and select ‘Encrypt’ – then, pick a password you know you won’t forget;

4.    Encrypting the device may take a few moments, but you’ll know it’s complete once an alert pops up.

It’s that simple!



5. Steps to Encrypt a USB for Windows 10

Windows has its own custom encryption software called BitLocker, which is compatible with several different filesystems. There’s one more step for Window’s users, but the process is just as simple.

1.    Find the USB device on the computer, right-click, and choose ‘Format’ – you can pick between NTFS, FAT and FAT32 filesystems;

2.    Select the drive from File Explorer, then click ‘Manage’ (you’ll find the tab at the top of the screen);

3.    Click BitLocker and turn the software ‘on’;

4.    Pick a password, which you will have to enter twice to confirm;

5.    And be sure to save your recovery key to your Microsoft account, in case you need to retrieve the data later on!

NB. If you use a different operating system, there are plenty of step-by-step guides online to show you the way; just run a quick search. For more information on portable devices and GDPR compliance check out this blog article.

If you fail to secure your data or fail to show that you’re reviewing your processes and implementing techniques to ensure security, there’s a potential fine of twenty-million Euros or 4% of global company revenue, so taking the correct precautionary measures shouldn’t need a second thought.

With such a straightforward process, you have few excuses if you fail to act.

What’s important to note, is that USBs aren’t the only portable storage devices. There are now over 5 billion mobile device users around the world. Most, if not all of these devices provide users with access to private, personal or classified information. If you don’t have the ability to track and remote wipe your mobile device, time is of the essence.