10/27/2004

Network World: "The theft threat"

By Barton Mckinley
Source: Network World

Sue is an industrial spy who has arranged to attend a meeting at the company she is targeting. She slips away from the meeting to check out the marketing department. It's lunchtime, and the place is almost empty. Sue quickly spots a PC that's still logged on to the network. She steps into the cubicle where she is hidden from view, plugs her 512M-byte USB memory stick into the workstation and copies several folders and a client database from the local and network drives. She unplugs and pockets the memory stick and nonchalantly leaves. The whole process takes less than 5 minutes, and nobody knows that she has stolen more than 200M bytes of corporate data.

This all-too-possible scenario illustrates a growing security concern. The fear is that people will use USB memory sticks, MP3 players and the like to upload malware, steal data from corporate networks, and share stolen software, MP3 or AVI files. In its report, "How to Tackle the Threat from Portable Storage Devices," Gartner suggested that organizations forbid attachment of privately owned portable storage devices to corporate PCs. The report also recommended that desktop PCs be carefully configured to remove or disable drivers needed to use such unauthorized devices.
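One way to check and apply the driver recommendation on a Windows desktop, as an added example that is not from the article, Gartner or any vendor: it audits the start type of the USB mass-storage driver (USBSTOR) in the registry and can set it to Disabled. The function names `Test-UsbStorageDriver` and `Disable-UsbStorageDriver` are hypothetical helpers, and changing the value requires an elevated session.

```powershell
# Added example: audit or disable the Windows USB mass-storage driver (USBSTOR).
# Test-UsbStorageDriver and Disable-UsbStorageDriver are hypothetical helper names.
$UsbStorKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'

# Driver start types as stored in the registry "Start" DWORD.
$StartTypes = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

function Test-UsbStorageDriver {
    # Reports whether the USB mass-storage driver is allowed to load.
    if (-not (Test-Path -Path $UsbStorKey)) {
        # Key absent: the state cannot be determined from the registry alone.
        return [pscustomobject]@{
            Installed = $false; Start = $null; State = 'KeyMissing'; Compliant = $null
        }
    }
    $start = (Get-ItemProperty -Path $UsbStorKey -Name Start -ErrorAction Stop).Start
    [pscustomobject]@{
        Installed = $true
        Start     = $start
        State     = $StartTypes[[int]$start]
        Compliant = ($start -eq 4)      # 4 = driver disabled
    }
}

function Disable-UsbStorageDriver {
    # Sets Start = 4 if needed; supports -WhatIf and -Confirm.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    $status = Test-UsbStorageDriver
    if (-not $status.Installed) {
        Write-Warning 'USBSTOR key not found; nothing to disable.'
        return $status
    }
    if (-not $status.Compliant -and
        $PSCmdlet.ShouldProcess($UsbStorKey, 'Set Start = 4 (Disabled)')) {
        Set-ItemProperty -Path $UsbStorKey -Name Start -Value 4 -Type DWord
    }
    Test-UsbStorageDriver   # return the state after the change
}

# Audit only. Preview the change with: Disable-UsbStorageDriver -WhatIf
Test-UsbStorageDriver
```

This setting covers USB mass storage only and applies to the whole machine rather than to individual users.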

Ultimately, any portable storage device policy will need to be backed up with compliance or monitoring tools. This likely will require third-party software because standard operating system tools such as Windows 2000 Group Policy do not enable monitoring or blocking of individual ports.

One product that might fit the bill is SmartLine's DeviceLock, which lets network administrators control user access to I/O ports and storage devices on local workstations. With DeviceLock, individual users are assigned privileges depending on who they are, what device is involved, and the date and time. For example, a network administrator could let one consultant use his USB memory stick but block all other consultants from doing so. The consultant also could be blocked from attaching his MP3 player.

In the end, policy and enforcement are more likely to be effective than a ban of portable storage devices. After all, a ban isn't going to block someone like Sue, anyway.

Full story at nwfusion.com
