Re: [ISN] iPod is latest security risk for business, say analysts

• Previous message: InfoSec News: "[ISN] Security UPDATE-- Disabling the ADODB.Stream Object--July 7, 2004"
• Maybe in reply to: InfoSec News: "[ISN] iPod is latest security risk for business, say analysts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Forwarded from: Richard Forno <rforno@private>

Obviously the person writing this advisory isn't a security person nor
had much experience in the real world of operational IT business life.  
I also wonder where this person has been for the last several
years....portable storage devices are hardly a "new" security concern.

Let's not forget that floppy disks and CDs still come-and-go freely in
many organizations, and I've encountered only a handful of enterprises
that block known (and actively seek out unknown) webmail account
providers that otherwise serve as a nice conduit to "bypass perimeter
defenses."  And that's just for starters.

If one takes this fellow's guidance to its logical conclusion,
companies need to either get rid of all computers, get rid of all
employees, or strip-search everyone as they come and go each day.
While that definitely increases security, methinks it 'might' -- just
might -- kill productivity. :(

-rick
Infowarrior.org



> From: InfoSec News <isn@private>
> Reply-To: isn@private
> Date: Tue, 6 Jul 2004 04:52:37 -0500 (CDT)
> To: isn@private
> Subject: [ISN] iPod is latest security risk for business, say analysts
> 
> http://software.silicon.com/security/0,39024655,39121918,00.htm
> 
> [Gartner rehashing old ISN posts?
> http://seclists.org/isn/2002/Mar/0002.html  :)   - WK]
> 
> 
> By Andrew Donoghue
> silicon.com
> July 06 2004
> 
> Companies should consider banning portable storage devices such as
> Apple's iPod from corporate networks as they can be used to
> introduce malware or steal corporate data, according to an analyst.
> 
> Small portable storage products can bypass perimeter defenses like
> firewalls and antivirus at the mailserver, and introduce malware
> such as Trojans or viruses onto company networks, claimed analyst
> house Gartner in a report issued this week. Analysts have warned for
> some time of the dangers of using portable devices, but the report
> points out these also now include "disk-based MP3 players, such as
> Apple's iPod, and digital cameras with smart media cards, memory
> sticks, compact flash and other memory media."



_________________________________________
Help InfoSec News with a donation: http://www.c4i.org/donation.html

• Previous message: InfoSec News: "[ISN] Security UPDATE-- Disabling the ADODB.Stream Object--July 7, 2004"
• Maybe in reply to: InfoSec News: "[ISN] iPod is latest security risk for business, say analysts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Thu Jul 08 2004 - 05:22:35 PDT