IBM Bans Staff From Using Removable Storage Devices

An anonymous reader shares a report: In an advisory to employees, IBM global chief Information security officer Shamla Naidoo said the company "is expanding the practise of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive)." The advisory stated some pockets of IBM have had this policy for a while, but "over the next few weeks we are implementing this policy worldwide." Big Blue's doing this because "the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimised." IBMers are advised to use Big Blue's preferred sync 'n' share service to move data around.

Re:I guess nobody told them

[The-Ixian]

It's super trivial to export data for someone already on the inside.

I was at a company that locked down USB ports as described in this article and also proxied all web traffic, blocked all cloud file sharing services and fiddled with session cookies to web sties.

And yet they offered PuTTY in their user-allowed, self-service app portal....

SSH tunnel to my home network (along with whatever TCP redirects I wanted)....

Not saying I exported data, although I did test it to see if it would work (for science!)... I just used it to do personal web browsing from my own computer.