Slashdot Mirror

← Back to Stories (view on slashdot.org)

Beware the iPod 'slurping' Employee

Posted by ryuzaki0 on from the someone-out-there-is-going-to-outlaw-ipods-now dept.

Zoner12 writes "CNet is reporting that Abe Usher has created an application that allows an iPod to scan corporate networks for files likely to contain sensitive business data and download them, potentially stealing 100 megabytes in a few minutes. An insider threat would only need to plug the iPod into a computer's USB port."

2 of 390 comments (clear)

  1. Less-than-competent physical security by tepples · · Score: 3, Informative

    There's nothing you could do with the iPod that you couldn't do with your normal computer and any random external hard drive [...] What's the big deal that an iPod can do it?

    Because an iPod is a hard drive disguised as a music player, which may help you get past less-than-competent physical security in ways that you couldn't with a pure hard drive.

  2. Locked Down USB Ports! by GaryPatterson · · Score: 4, Informative

    I work in a ... large... company (one of the top Fortune ones) and there was a global mandate last year to lock all USB access for data storage devices unless users can make a special case.

    That means that USB keys, iPods, plug-in hard drives and so on not only fail to work here, but they generate a little message to the IT department.

    Some users, like our media guys, need this access for their work (in this case, digital camera images), and they have an exemption.

    This lockdown removes the possibility for portable storage device-based data copying.

    Of course, I can always stay late, take the PC apart, remove the hard drive, take it home and copy it, come in early the next day and re-install it. But that's just naughty.

    My point is that IT security policies can easily stop this sort of issue, and most large companies are already doing this.