iPods, Portable Storage Devices Growing Threat For Workplace Data Leakage

  • Jul 25, 2007

CREDANT Technologies recentlyreleased the results of a survey of 323 directors, managers, CIOs, CEOs and others from the fields of IT, banking and finance, medicine, government, and education on the use of portable data storage devices including iPods, MP3 players, USB flash drives, and data-centric smart phones/SD cards in the workplace. The objective of the survey was to find out if organizations are prepared for data breaches from iPods, whose storage capacity reaches 80 gigabytes, as well as MP3 players and USB flash drives.

The survey found that although organizations see rapid growth in the use of these portable storage devices, few have a solution to prevent widespread data loss via these easy-to-lose devices. In addition, CREDANT conducted a video survey of workers who use iPods in corporations throughout Silicon Valley, with the same sobering results.

"One of the leading industry research firms estimated that the shipment of USB flash drives would exceed 114 million and SD/CF cards would exceed 375 million by the end of 2006. And Apple has sold over 100 million iPods," said Bob Heard, CEO and founder, CREDANT Technologies. "These highly vulnerable portable storage devices continue to push the consumerization of IT to the limit. Alarmingly, although people think that iPods pose a threat to their organization, too few people understand what that threat is and too few organizations are prepared to address the issue."

The following are the top five key findings from the survey:

  • 86 percent of those polled cited the USB flash drive as the device most often used to store data exchanged between computers; data-centric smart phones with SD cards came in second. But when asked to rank these devices as a source of data leakage, respondents thought the iPod was as much of a threat as the SD card/smart phone: 78 percent identified the USB flash drive as the greatest threat to organizations, 13 percent chose the data-centric smart phone, and 10 percent said the iPod was the biggest threat to corporate data.
  • Use of the iPod at work is high, with 61 percent of respondents stating that they use their iPod when traveling or at work. iPods are being brought into the workplace by Generation X and Y employees (ages 18-30). These generations have grown up with computers, and the transition from thinking of the iPod as simply an audio player will change quickly as more and more users consolidate storage devices and learn how easily an iPod or an MP3 player can be used to store large amounts of data.
  • There is a lack of understanding as to the threat iPod use poses to an organization. Widely used at work, their data leakage threat is not nearly as well understood as that of the USB flash drive. Although 61 percent of respondents had never heard of "pod slurping" (the downloading of corporate data to an iPod), 67 percent believe that iPods and similar devices are a threat now. Organizations are faced with the challenge of making sure that all data stored on iPods and other portable devices is secured because the issue of data privacy and the requirement to encrypt data applies to any platform or vehicle used to store personally identifiable data -- and an 80 gigabyte iPod can hold a lot of data.
  • Despite the fact that 67 percent of all respondents believe that iPods are a security threat today, 49 percent said they would not take any preventative action to protect against potential breaches until they know the devices are more widely used to store business data.
  • Only 6 percent of respondents have an encryption solution for data stored on iPods. And while 46 percent say they have a written security policy governing the use of iPods, 40 percent have done nothing to address this security issue.

Although survey respondents acknowledged that USB flash drives, iPods/MP3 players and data-centric smart phones with SD cards are moving into the workplace and being used to store data, organizations are still reticent about securing these devices. As enterprises, government agencies, schools, and hospitals look for a way to control data leakage from desktops, laptops, USB flash drives and even iPods, there is a clear need to keep track and secure all devices that can store data. Securing these devices not only helps an organization better manage its data assets, it also ensures that the organization has complied with government regulations if a device carrying corporate data or a customer's or patient's identifying information vanishes.

Even the possibility that an employee's lost device has leaked data such as Social Security numbers, addresses, medical histories, or financial information is grounds for notification costs and financial penalties, and could cause a hailstorm of compliance issues and lawsuits. As in the VA case and others, an organization's reputation and business are at stake.

Featured

  • Enhancing Security and Business Intelligence

    From border security to parking lots, ALPR has gained traction across multiple use cases as the technology becomes more accurate and affordable than ever. I spoke with Jason Cook, business development director at Vaxtor, a leader in ALPR AI-based analytics, and Rui Barbosa, category manager, Surveillance Products at i-PRO, a maker of AI-enabled security cameras, to delve into the latest advancements and applications of ALPR technology. Automated License Plate Recognition (ALPR) has transformed significantly over the years, evolving from a niche technology into a powerful tool for a wide range of applications, particularly in border security. Read Now

  • Leveraging Smart Sensors

    The integration of smart sensors with data-driven video technology provides schools with a comprehensive solution to enhance safety and security. This combination offers advanced capabilities such as environmental monitoring, audio analytics, vape detection and unified data management, empowering schools to create a secure and healthy learning environment for students and staff. Read Now

  • Unlocking the End-user Perception

    An observation as a creator of identity verification solutions is that while industry leaders are often excited by the opportunity to leverage biometrics, there are often concerns raised about the end-user mindset during the conversation. Primarily, what are end-users’ expectations of biometric technology? What concerns might they have about its usage to authenticate and protect their access? Read Now

  • 4 Killed, 9 Injured at Georgia High School Shooting

    Four people were killed and nine were hospitalized after a shooting at Apalachee High School in Winder, Georgia on Wednesday. That’s according to CNN. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3