[ISN] Warning on iPod threat
isn at c4i.org
Thu Apr 7 02:15:30 EDT 2005
[I wonder if this CEO has been reading old copies of InfoSec News
from about '02 - http://seclists.org/lists/isn/2002/Mar/0002.html - WK]
06 April 2005
Portable media players like the iPod pose a significant security risk
according to figures from software auditors Centennial Software.
Nearly nine out of ten of the 220 IT managers questioned took no
action to prevent such devices coming into the workplace even though
over half of them recognised storage devices like the iPod as a
"External security risks are well documented, but firms must now
consider internal threats, which are potentially even more damaging,"
said Andy Burton, chief executive of Centennial Software.
"Deliberate or accidental, the damage caused by the misuse of
removable media devices can be disastrous. Employees can seriously
endanger the company by taking sensitive information off-site,
introducing viruses, or simply creating a build up of unwanted files
on the network."
The survey found that many IT managers were ignoring the issue, with
over a third saying they did not view the devices as a threat.
Portable devices like the iPod can be used to store a whole variety of
data, including documents and spreadsheets. The average
word-processing file is between 25k and 30k, meaning that a 20GB
player could hold more than 750,000 documents.
More information about the ISN