This seems to me like just another ridiculous hype to boost new "security" products. Lets face it: There may be a small additional threat to security by USB-devices, but it s marginal at best. If you re concerned about security it all comes down to a good policy, a strict enforcement of the need to know-principle (hey, you do NOT need to buy any additional products, you CAN do it by means of any recent operating system) and last but definitely not the least a good treatment of employees. Treating employees like rubbish -common in almost any company nowadays- is a surefire way to endanger your operation, no matter how many shiny security-products you bought. Extensive use of technology in this case will never work because fixing a human problem by technical means NEVER does. Just think about the distribution of information, get a good and reasonable security-policy -one which is accepted, understood AND supported by your employees- into action, follow some basic guidelines regarding security-infrastructure (firewalls, network segmentation, segregation of duties, and a buttload of antivirus/antispyware), start treating your employees like human beings instead of suspicious animals and you ll be reasonably safe.
Slashdot Mirror
This seems to me like just another ridiculous hype to boost new "security" products. Lets face it: There may be a small additional threat to security by USB-devices, but it s marginal at best. If you re concerned about security it all comes down to a good policy, a strict enforcement of the need to know-principle (hey, you do NOT need to buy any additional products, you CAN do it by means of any recent operating system) and last but definitely not the least a good treatment of employees. Treating employees like rubbish -common in almost any company nowadays- is a surefire way to endanger your operation, no matter how many shiny security-products you bought. Extensive use of technology in this case will never work because fixing a human problem by technical means NEVER does.
Just think about the distribution of information, get a good and reasonable security-policy -one which is accepted, understood AND supported by your employees- into action, follow some basic guidelines regarding security-infrastructure (firewalls, network segmentation, segregation of duties, and a buttload of antivirus/antispyware), start treating your employees like human beings instead of suspicious animals and you ll be reasonably safe.