Is an Apple iPod or MP3 player a threat to corporate data? Security experts increasingly believe such devices can be used to steal sensitive data from company PCs and networks. Last month, the Web was buzzing with the news that the UK Ministry of Defense was banning the use of iPods due to security concerns. Though the story -- released by Reuters -- was denied by the ministry, it has caused many to review their thinking on allowing portable devices in the workplace.
The problem is not new. Ever since PCs had floppy disks and, more recently, CD-R drives, it has been a simple matter for unscrupulous staff to steal any data they are able to access. New personal devices just add to the problem.
But according to recent research by Gartner, companies should consider banning portable storage devices from the workplace due to the risk of theft, and the fact that they can be the source of computer viruses and Trojans.
On the should-be-banned list are Smart Media and similar cards, keychain or USB drives, Sony Me-mory Sticks, CompactFlash and portable MP3 players. Gartner says that such devices can easily bypass firewalls and that a mislaid device can also be misappropriated by another member of staff.
But not everyone thinks a banning order is appropriate. Mark Blowers, a senior analyst at Butler Group, says companies have to get things in proportion.
"This is an issue, but it's more about overall security policy. It's not really feasible to ban such products outright as many people travel with them to work. It's probably more about banning them in particularly sensitive areas -- if that is pos-sible," he said.
But the problem is set to grow. Storage capacity is doubling roughly every six months, while remaining at almost the same price.
The first key development was Flash memory, which stimulated the production of personal digital assistants (PDAs). The second development was removable storage using Secure Digital, Compact-Flash or Memory Sticks, most noticeably used in digital cameras and sealed inside MP3 devices.
Finally, tiny hard drives have increased portable storage further. The 4.6cm4 Hitachi drives used in iPods, for example, can store up to 40GB, and some players have even larger capacities.
But Greg Carlow, managing director at systems integrator Rep-ton, says, the problem is also about how companies organize data.
"If someone is malevolent, they can probably do serious damage by stealing a few megabyte of data: most companies only really use about 0.1 percent of the data they own, they just never get round to managing it," Carlow said, adding that the problem lies in operating systems devised years before such storage technology was available.
"Maybe in future versions of Windows we will start to see code that isolates unknown storage devices until they have been approved by the IT [information technology] department for use on a particular machine," he said.
But there are signs that companies are tightening up security policies to take account of the risk.
"We have been giving away memory sticks to customers but quite a few have refused them because there is a company policy banning their use," says Paul Hammond, UK general manager at systems integrator CNT.
In a recent survey of 200 UK firms by software security firm Reflex Magnetics, 82 percent of respondents said they regarded mobile devices such as the iPod as a security threat. Reflex says those in the healthcare and finance sectors are most likely to toughen up their security policies soon.
Companies are also likely to look to intrusion protection software that seeks to plug gaps on desktops and servers. For example Cisco's Security Agent software sits on the PC and can bar access to the USB port.
"It's available, but only two of our customers are using it in that way," says Paul King, Cisco's senior security consultant.
"It's more a matter of firms classifying and segregating data that needs to be protected, as well as ensuring they provide encryption on laptops, which are a far greater security risk," King said.
Other firms offer encryption tools so that only encrypted access is possible to USB drives.
What is certain is that data theft will get easier as data storage devices increase in capacity while reducing in size and cost.
While the future holds the promise of vast amounts of data on holographic devices, the next few years are likely to be defined by squeezing more out of existing technology.
The CIA has a message for Chinese government officials worried about their place in Chinese President Xi Jinping’s (習近平) government: Come work with us. The agency released two Mandarin-language videos on social media on Thursday inviting disgruntled officials to contact the CIA. The recruitment videos posted on YouTube and X racked up more than 5 million views combined in their first day. The outreach comes as CIA Director John Ratcliffe has vowed to boost the agency’s use of intelligence from human sources and its focus on China, which has recently targeted US officials with its own espionage operations. The videos are “aimed at
STEADFAST FRIEND: The bills encourage increased Taiwan-US engagement and address China’s distortion of UN Resolution 2758 to isolate Taiwan internationally The Presidential Office yesterday thanked the US House of Representatives for unanimously passing two Taiwan-related bills highlighting its solid support for Taiwan’s democracy and global participation, and for deepening bilateral relations. One of the bills, the Taiwan Assurance Implementation Act, requires the US Department of State to periodically review its guidelines for engagement with Taiwan, and report to the US Congress on the guidelines and plans to lift self-imposed limitations on US-Taiwan engagement. The other bill is the Taiwan International Solidarity Act, which clarifies that UN Resolution 2758 does not address the issue of the representation of Taiwan or its people in
US Indo-Pacific Commander Admiral Samuel Paparo on Friday expressed concern over the rate at which China is diversifying its military exercises, the Financial Times (FT) reported on Saturday. “The rates of change on the depth and breadth of their exercises is the one non-linear effect that I’ve seen in the last year that wakes me up at night or keeps me up at night,” Paparo was quoted by FT as saying while attending the annual Sedona Forum at the McCain Institute in Arizona. Paparo also expressed concern over the speed with which China was expanding its military. While the US
SHIFT: Taiwan’s better-than-expected first-quarter GDP and signs of weakness in the US have driven global capital back to emerging markets, the central bank head said The central bank yesterday blamed market speculation for the steep rise in the local currency, and urged exporters and financial institutions to stay calm and stop panic sell-offs to avoid hurting their own profitability. The nation’s top monetary policymaker said that it would step in, if necessary, to maintain order and stability in the foreign exchange market. The remarks came as the NT dollar yesterday closed up NT$0.919 to NT$30.145 against the US dollar in Taipei trading, after rising as high as NT$29.59 in intraday trading. The local currency has surged 5.85 percent against the greenback over the past two sessions, central
RSS