Emerging USB and FireWire technologies allow massive amounts of data to be
transferred at lightning speeds. Devices continue to decrease in size, and
the storage capacity keeps multiplying. All this makes for fast, efficient,
and convenient information exchange, but there is a downside - security.
Firewalls and antivirus software are no defense against the latest form of
computer attack that comes via open USB and FireWire (IEEE 1394) ports. Not
only can viruses, worms and Trojans get into the corporate network this way,
but valuable data can leave the company in huge quantities.
Unfortunately, standard access control solutions coming with Windows operating
systems do not allow the assignment of permissions for USB and FireWire ports.
Restricting these devices in the corporate environment will be next to
impossible. Their small size allows for easy concealment anywhere on the
body or in a bag.
|
|
Did you know? |
Employees can use tiny USB storage devices to download hundred megabytes
of proprietary information and upload potentially harmful software or
viruses. |
|
All that disgruntled employees need to do is to connect a small digital camera
or MP3 Player to the USB or FireWire port of any unattended computer and
they are able to download confidential data or upload harmful viruses. Since
the malicious attack is launched from within the organization, firewalls
and antivirus software are not alerted.
|
|
Did you know? |
You don't have to be an administrator to install USB and FireWire
devices, and you can't manage these devices via Group Policy! |
|