Risk: Informational
Apple's trendy iPod players could be a serious security risk, Gartner claims. The analyst firm says the devices could be used to sneak out valuable corporate information or introduce computer viruses into corporate environments.
Gartner expresses similar concerns about portable FireWire hard drives, such as those from LaCie or Toshiba, and USB hard drives or keychain drives, digital cameras with smart media cards, memory sticks, compact flash and other memory media.
In a research note, Gartner writes: "The use of unauthorised portable storage devices poses many dangers, not least for the malicious code that they can introduce. High data capacity and transfer rates, and broad platform support mean that a Universal Serial Bus (USB) or FireWire (IEEE 1394) device has the capacity to quickly download much valuable corporate information, which can be easily leaked to the outside world.
"This underlying vulnerability has existed since the release of Microsoft Windows 2000, the first widely deployed operating system able to mount a USB storage device automatically," he adds.
Firms should think about disabling universal plug and play functions after installing desired drivers, to restrict their use to authorised devices, Gartner advises. Host-based intrusion prevention software can be used to control the use of USB ports, and we can expect this function to feature prominently in sales pitches from various manufacturers.