Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Gartner: iPods, other small storage devices pose security risk

Companies should consider banning them

July 6, 2004 12:00 PM ET

IDG News Service - The iPod may be popular, but it also poses such a major security risk for businesses that enterprises should seriously consider banning it and other portable storage devices, according to a study by research firm Gartner Inc.
The devices, using a Universal Serial Bus (USB) or FireWire (IEEE 1394), are risky because they could be used to introduce malicious code into a corporate network or steal corporate data, the Stamford, Conn.-based research company said in its report, "How to Tackle the Threat From Portable Storage Devices."
The report, published Friday, pointed to a variety of devices, including pocket-size portable FireWire hard drives like those from LaCie Group SA or Toshiba Corp., or USB hard drives or key-chain drives such as the DiskOnKey from M-Systems Flash Disk Pioneers Ltd. Gartner also named disk-based MP3 players, like Apple Computer Inc.'s iPod, as a security risk, as well as digital cameras with smart media cards, memory sticks and compact flash.
Gartner advised companies to forbid employees and external contractors who have direct access to corporate networks from using these privately owned devices with corporate PCs. Companies should also consider a "desktop lockdown policy," disabling universal plug-and-play functions after installing desired drivers, to permit the use of only authorized devices.
The report conceded that the devices themselves can be quite useful within corporations, making it "unpractical and counterproductive" to introduce an outright ban.
Companies should take a multipronged approach to portable storage devices, Gartner said, including using personal firewalls to limit what can be done on USB ports. The use of products for selectively controlling ports and encrypting data should also be considered, the company said.
In addition, digital rights management technology should be used by enterprises that want to protect intellectual property, Gartner said.


Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Jump to comments

Security

Additional Resources

Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

Death to PST Files
Download Now  

Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".

eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!  

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...


IT Jobs