Login

Please login to Techworld.com

Forgot password?
Need your new account confirmation email resent?
Forgot email?

Not a member yet?

Register for a Techworld Account and enjoy unlimited access to our extensive white paper library and exclusive Enterprise multi-user software trials. Account members can also comment on articles and access best practices guides.

Security

Top How-Tos / Advice articles

iPods a security risk, surefire headline winner, says Gartner

Storage devices could be used to store data, analyst tells stunned world

By Kieren McCarthy and Laura Rohde, IDG News Service | Techworld | Published: 00:00, 06 July 2004

The iPod poses such a major security risk for businesses, to the extent that businesses should consider banning the renowned digital music player altogether.

That at least is what one Gartner analyst, Ruggero Contu, has said, and garnered plenty of press attention in the process. Contu - who, it is believed, has never seen a CD-Rom - published his four-page report "How to Tackle the Threat From Portable Storage Devices" at the end of last week and warns that: "Portable storage products can bypass perimeter defenses like firewalls and anti-virus at the mailserver, and introduce malware such as Trojans or viruses onto company networks."

But not only that. Because these iPod have memory they can be used to store sensitive data on and then taken out of a company and put on another machine! Clearly, the only option is a complete ban on these malicious instruments. It's not just iPods though - although they do generate the most interest - it is also digital cameras, memory sticks and Flash memory of any type.

The actual point being made is that these devices are increasingly common and use USB ports to send/receive data, as opposed to disk drives that have probably been securely nailed down by sysadmins. So companies should make sure they have considered their use.

The idea of pinning the blame on iPods is no more than hype though. If someone wants to add a virus to a system or download sensitive data, there are and always have been dozens of ways of doing so. Connecting an iPod means that someone already has to have direct access to a network.

As such, it is exactly the same as any other security threat from networks users. Disk or CDs with viruses, or an infected laptop connected to an unsecured network are going to be far greater risks. And if someone wants to take information out of a company, it's not as if an iPod and a USB port are the only way to do it. All these are basic network security issues that should have been tackled years ago.

But of course you can always buy the four-page report from Gartner for $95 to learn what you already know and encourage people to produce such nonsense in the future.

Send to a friend

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.