@Martin Maloney

"Disable USB ports in the BIOS and then password protect the BIOS? Ban flash drives?"

I'm yet to work somewhere that doesn't password the BIOS, but I wouldn't be surprised if some companies neglect that first line of defence. Admittedly, they usually have a standard password across the company so once an IT guy has let it slip to one employee...

There are many ways to improve the security of flash drive use, all available and all used by any company that has any inkling of data security.

1) Use software to prevent use of anything except your company's drives - several packages available.

2) Use company-issued, registered, encrypted flash drives - they're not that expensive.

3) Keep a log of all file transfers to/from said drives - easily achieved by network admins.

If I were to lose my flash drive, IT have a record of what's on it anyway so a decision can be made as to whether I had lost anything worth worrying about. Assuming the drive's finder can crack the encryption, of course.