iPods are the latest security risk

Thumbs down from Gartner

  • alert
  • submit to reddit

Apple's trendy iPod players could be a serious security risk, Gartner claims. The analyst firm says the devices could be used to sneak out valuable corporate information or introduce computer viruses into corporate environments.

Gartner expresses similar concerns about portable FireWire hard drives, such as those from LaCie or Toshiba, and USB hard drives or keychain drives, digital cameras with smart media cards, memory sticks (we've been there already), compact flash and other memory media.

In a research note, Gartner analyst Ruggero Contu writes: "The use of unauthorised portable storage devices poses many dangers, not least for the malicious code that they can introduce. High data capacity and transfer rates, and broad platform support mean that a Universal Serial Bus (USB) or FireWire (IEEE 1394) device has the capacity to quickly download much valuable corporate information, which can be easily leaked to the outside world.

"This underlying vulnerability has existed since the release of Microsoft Windows 2000, the first widely deployed operating system able to mount a USB storage device automatically," he adds.

Firms should think about disabling universal plug and play functions after installing desired drivers, to restrict their use to authorised devices, Gartner advises. Host-based intrusion prevention software can be used to control the use of USB ports, and we can expect this function to feature prominently in sales pitches from SecureWave, PrevX, Cisco and the like over coming months. ®

Related stories

Dirty rotten inducers - the law the IT world deserves? [criminalizing the iPod]
Memory sticks are the latest security risk
UK reseller unveils 'video iPod'


Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.