Sunday, July 11, 2004

Warning: iPods pose business security risk

By Matthew Fordahl
The Associated Press

SAN JOSE, Calif. - Companies beware: Critical corporate data might be dancing out of the office with workers who bring their iPods to work.

The research firm Gartner Inc. warns of security risks posed by the popular music player and other portable storage devices that plug into a PC's USB or FireWire ports. The iPod, like the rest, can hold data in addition to tunes.

"Businesses are increasingly putting themselves at risk by allowing the unauthorized and uncontrolled use of portable storage devices," Gartner analyst Ruggero Contu wrote.

The problem, he says, is twofold. In one scenario, employees could simply drag and drop sensitive files into the devices, which often come with gigabytes of storage capacity. In the other, the devices could carry a virus, Trojan horse or other "malware."

The solution?

"Companies should forbid the use of uncontrolled, privately owned devices with corporate PCs," Contu said.

Prohibition isn't the only way to mitigate risk, however.

Bosses also can educate employees, create policies and protect data with encryption. There are also programs available, including an offering from SecureWave, that limit use of a PC's USB ports to authorized devices.

Contu, based in the United Kingdom, did not compare the risk from portable storage with those from floppy disks, CD burners, e-mail and printers.

Apple Computer Inc., which makes the iPod, declined to comment on the research.

Queen City Rewind
Airport's challenges continue to mount
Look Who's Talking: George Fraundorfer
Lights, Camera, Company
Tristate Business Notes
Women execs can prosper by teeing up
Golf can be both business, pleasure
Bear market ate up fund managers, too
Building a better car - one atom at a time
Business agenda
Warning: iPods pose business security risk