Beware the iPod 'slurping' Employee

Zoner12 writes "CNet is reporting that Abe Usher has created an application that allows an iPod to scan corporate networks for files likely to contain sensitive business data and download them, potentially stealing 100 megabytes in a few minutes. An insider threat would only need to plug the iPod into a computer's USB port."

Locked Down USB Ports!

[GaryPatterson]

I work in a ... large... company (one of the top Fortune ones) and there was a global mandate last year to lock all USB access for data storage devices unless users can make a special case.

That means that USB keys, iPods, plug-in hard drives and so on not only fail to work here, but they generate a little message to the IT department.

Some users, like our media guys, need this access for their work (in this case, digital camera images), and they have an exemption.

This lockdown removes the possibility for portable storage device-based data copying.

Of course, I can always stay late, take the PC apart, remove the hard drive, take it home and copy it, come in early the next day and re-install it. But that's just naughty.

My point is that IT security policies can easily stop this sort of issue, and most large companies are already doing this.