Employee Slurping

  • Employee Slurping

    I'm not talking about soup at the employee cafeteria or summer trips to 7-11, but rather the newest definition of slurping: siphoning off data with portable storage devices. It started to become a big concern with the wide deployment of iPods with their 20+GB storage capacity and easy connection to PCs. The advent of this scale of portable device, made more disturbing because of their benign appearance, has raised the concern of IT security folks. Now someone could appear to be listening to music while doing their work and siphon off an entire database!

    Now a number of companies are starting to build software to secure USB devices and help prevent data theft. And they're taking an interesting approach, similar to that taken by networks: they control the access to USB devices at the PC level.

    This is a step in the right direction, but it still doesn't limit what data can be downloaded to the device if USB access is enabled. It does report on access, which is probably as important as blocking the transfer. Being able to respond to security events and track them down is critical since someone will always find ways around the limits you impose.

    This is of particular concern for DBAs as the sizes of these devices grow close to that of our databases. Losing a record or two of data is one thing. Losing an entire database is something else.

  • Securing the data ports is the legitimate approach. Some employers have tried banning iPods, etc., but this attacks the wrong problem. First, these products have legitimate use that is completely harmless to the company, so the ban is only an additional point of hostility both from the capriciousness of it, and the implied (well actually overt) distrust of the employee. Secondly, it won't work because anyone dishonest enough to steal data can easily smuggle devices into the office, so only honest employees are penalized.

    Only systematic security and securing at connection points actually provides any protection.

    ...

    -- FORTRAN manual for Xerox Computers --

  • Araldite in the USB ports does the trick...

  • No matter what you do policy- or hardware-wise, someone will get around it. Might even drop a new card in their PC or something. Monitoring is critical even if you take other steps to know when something is accessed.
