Sensitive Data Stolen Via Digital Cameras

Jack writes "ITO is running an interesting story on a new security threat connecting digital cameras and hackers." From the article: "Following a spate of reports about Bluetooth and iPods devices being used to steal sensitive data from organizations, businesses are now urging to be vigilant as hackers use digital cameras to sidestep security measures. 'Camsnuffling', the latest IT managers headache being used to computer attackers to extract and store data with the help of digital camera." We've previously discussed this problem.

Memmory Sticks next?

[Ironsides]

Since the article seems to be more concerned about using cameras to store information, rather than taking pictures of sensitive documents, how long until USB Memmory sticks are targeted? Floppies? Geez, if they're that worried about security they need to be concerned about anything that stores info, not just what appears to be everyday items.

Re:Memmory Sticks next?

[malraid]

That why our IT department fills every hole in every computer with epoxy. It's bitch when we have to fix something, but then, a broken computer is not a security threat.

Re:Memmory Sticks next?

[gary73013]

Don't laugh. The three letter Government Agency for which I work fills all the USB ports, etc., with epoxy. Wireless networking is NOT permitted and the buildings are shield to prevent RFI from leaving/entering the building. Additionally, security personnel "war-drive the perimeter of all buildings to ensure there is NO 802.11 traffic. Also,if I remember correctly (I'm at home now), the extra network port and parallel and serial ports on my PC have been filled with epoxy too! The infrared ports and such usually have a shield permanently glued over them too! LOL

What the USA National Archives do...

[ATeamMrT]

Since the article seems to be more concerned about using cameras to store information, rather than taking pictures of sensitive documents, how long until USB Memmory sticks are targeted? Floppies? Geez, if they're that worried about security they need to be concerned about anything that stores info, not just what appears to be everyday items.

They check everyone who enters, no cameras are allowed. Everyone needs a special Id issued by them to eneter. No jackets are allowed. No loose sweaters are allowed. They have lockers where any banned item can be kept, outside the secure area. Once you make it to the guards station, they stamp every sheet of paper you take in. When you leave, you can only take out papers they stamped. They check EVERYTHING. And they have a ton of security cameras in the building, and employees that keep track of who comes and goes. I needed papers which were in a secure area. They made me wear an ID tied around my neck, and I was escorted by an employee.

They also make it a crime to try and decieve them (for example, sneak a camera in). People can go to jail, and there are heavy penalties. They have multiple checks. The first one is a metal detector and a police officer who is more than willing to use the hand wand. The next step is the security officer who checks you in.

If companies want security, it is not hard to ban everything, hire 20 or 30 police officers, make it a crime to violate their policy, and treat everyone as dishonest liars who are more likely to steal.

A chain is only as strong as the weakest link. That is the mentality these institutions have, so they don't trust anyone, not even thier own guards.

Human larynx as security risk

[ewg]

The human larynx is the biggest security risk. It's a ubiquitous device that can broadcast via sound waves any proprietary information a knowledge-worker has been exposed to.

Of course this description is (intended to be) humorous, but the serious point is one we've heard often enough: you can't solve a human problem with a technological solution.

PostIt now!

[mlush]

From TFA
"Firstly, regularly change system passwords that employ both letters and numerals."

...resulting in a new security breach know as PostIt snatching