A new report from Gartner is spelling out the dangers that iPods, those nearly ubiquitous music players from Apple, and other portable jukeboxes can pose to computer security.
Gartner’s “How to Tackle the Threat From Portable Storage Devices” report warns that digital music players, with their copious amounts of storage capacity — the Apple iPod tops out at 40 GB, Creative sells versions of the Zen up to 60 GB — can be used to quickly leach sensitive data from a corporate network and taken offsite among the other benign personal electronics found in the typical professional’s briefcase.
Not only is data theft a problem, so are the hazards these devices pose as virus carriers. The thinking goes that despite the best efforts of an IT staff to lock down its network against outside threats, someone can just plug the devices into a local PC or workstation, mount it as a drive and introduce malicious code in that manner.
Administrators are advised to disable Universal Plug and Play, which automatically loads USB storage devices as a drive, after required drivers are accounted for. The report also advises businesses to look into DRM and encryption protection schemes to keep a lock on their sensitive information
However, it is unfair to single out iPods as they aren’t the only devices on the block with considerable amounts of storage at their disposal.
A wide array of consumer electronics feature the ability to connect to PCs and house drive or flash memory. These include music and video players as well as PDAs and digital cameras. Portable USB keyrings and backup drives pose many of the same dangers.
IT professionals have battled this type of threat in the past, the latest wrinkle being the vast amounts of data the current generation of products can haul out of a corportation’s doors. Couple this with the myriad of other ways data can be taken from a network, tech departments appear have their hands full.