Is an Apple iPod or MP3 player a threat to corporate data? Security experts increasingly believe such devices can be used to steal sensitive data from company PCs and networks. Last month, the Web was buzzing with the news that the UK Ministry of Defense was banning the use of iPods due to security concerns. Though the story -- released by Reuters -- was denied by the ministry, it has caused many to review their thinking on allowing portable devices in the workplace.
The problem is not new. Ever since PCs had floppy disks and, more recently, CD-R drives, it has been a simple matter for unscrupulous staff to steal any data they are able to access. New personal devices just add to the problem.
But according to recent research by Gartner, companies should consider banning portable storage devices from the workplace due to the risk of theft, and the fact that they can be the source of computer viruses and Trojans.
On the should-be-banned list are Smart Media and similar cards, keychain or USB drives, Sony Me-mory Sticks, CompactFlash and portable MP3 players. Gartner says that such devices can easily bypass firewalls and that a mislaid device can also be misappropriated by another member of staff.
But not everyone thinks a banning order is appropriate. Mark Blowers, a senior analyst at Butler Group, says companies have to get things in proportion.
"This is an issue, but it's more about overall security policy. It's not really feasible to ban such products outright as many people travel with them to work. It's probably more about banning them in particularly sensitive areas -- if that is pos-sible," he said.
But the problem is set to grow. Storage capacity is doubling roughly every six months, while remaining at almost the same price.
The first key development was Flash memory, which stimulated the production of personal digital assistants (PDAs). The second development was removable storage using Secure Digital, Compact-Flash or Memory Sticks, most noticeably used in digital cameras and sealed inside MP3 devices.
Finally, tiny hard drives have increased portable storage further. The 4.6cm4 Hitachi drives used in iPods, for example, can store up to 40GB, and some players have even larger capacities.
But Greg Carlow, managing director at systems integrator Rep-ton, says, the problem is also about how companies organize data.
"If someone is malevolent, they can probably do serious damage by stealing a few megabyte of data: most companies only really use about 0.1 percent of the data they own, they just never get round to managing it," Carlow said, adding that the problem lies in operating systems devised years before such storage technology was available.
"Maybe in future versions of Windows we will start to see code that isolates unknown storage devices until they have been approved by the IT [information technology] department for use on a particular machine," he said.
But there are signs that companies are tightening up security policies to take account of the risk.
"We have been giving away memory sticks to customers but quite a few have refused them because there is a company policy banning their use," says Paul Hammond, UK general manager at systems integrator CNT.
In a recent survey of 200 UK firms by software security firm Reflex Magnetics, 82 percent of respondents said they regarded mobile devices such as the iPod as a security threat. Reflex says those in the healthcare and finance sectors are most likely to toughen up their security policies soon.
Companies are also likely to look to intrusion protection software that seeks to plug gaps on desktops and servers. For example Cisco's Security Agent software sits on the PC and can bar access to the USB port.
"It's available, but only two of our customers are using it in that way," says Paul King, Cisco's senior security consultant.
"It's more a matter of firms classifying and segregating data that needs to be protected, as well as ensuring they provide encryption on laptops, which are a far greater security risk," King said.
Other firms offer encryption tools so that only encrypted access is possible to USB drives.
What is certain is that data theft will get easier as data storage devices increase in capacity while reducing in size and cost.
While the future holds the promise of vast amounts of data on holographic devices, the next few years are likely to be defined by squeezing more out of existing technology.
‘REGRETTABLE’: TPP lawmaker Vivian Huang said that ‘we will continue to support Chairman Ko and defend his innocence’ as he was transferred to a detention facility The Taipei District Court yesterday ruled that Taiwan People’s Party (TPP) Chairman Ko Wen-je (柯文哲) be detained and held incommunicado over alleged corruption dating to his time as mayor of Taipei. The ruling reversed a decision by the court on Monday morning that Ko be released without bail. After prosecutors on Wednesday appealed the Monday decision, the High Court said that Ko had potentially been “actively involved” in the alleged corruption and ordered the district court to hold a second detention hearing. Ko did not speak to reporters upon his arrival at the district court at about 9:10am yesterday to attend a procedural
Thirty Taiwanese firms, led by Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) and ASE Technology Holding Co (日月光投控), yesterday launched a silicon photonics industry alliance, aiming to accelerate the medium’s development and address the energy efficiency of artificial intelligence (AI) devices like data centers. As the world is ushering in a new AI era with tremendous demand for computing power and algorithms, energy consumption is emerging as a critical issue, TSMC vice president of integrated interconnect and packaging business C.K. Hsu (徐國晉) told a media briefing in Taipei. To solve this issue, it is essential to introduce silicon photonics and copackaged optics (CPO)
BACK IN THE NEIGHBORHOOD: The planned transit by the ‘Baden-Wuerttemberg’ and the ‘Frankfurt am Main’ would be the German Navy’s first passage since 2002 Two German warships are set to pass through the Taiwan Strait in the middle of this month, becoming the first German naval vessels to do so in 22 years, Der Spiegel reported on Saturday. Reuters last month reported that the warships, the frigate Baden-Wuerttemberg and the replenishment ship Frankfurt am Main, were awaiting orders from Berlin to sail the Strait, prompting a rebuke to Germany from Beijing. Der Spiegel cited unspecified sources as saying Beijing would not be formally notified of the German ships’ passage to emphasize that Berlin views the trip as normal. The German Federal Ministry of Defense declined to comment. While
The High Court yesterday overturned a Taipei District Court decision to release Taiwan People’s Party Chairman Ko Wen-je (柯文哲) and sent the case back to the lower court. The Taipei District Prosecutors’ Office on Saturday questioned Ko amid a probe into alleged corruption involving the Core Pacific City development project during his time as Taipei mayor. Core Pacific City, also known as Living Mall (京華城購物中心), was a shopping mall in Taipei’s Songshan District (松山) that has since been demolished. On Monday, the Taipei District Court granted a second motion by Ko’s attorney to release him without bail, a decision the prosecutors’ office appealed