Er, OK.
The Apple Blog has a posting that rips into Network World for it’s “expose” on iPods in the workplace.
Network World informs its readers that “Those same devices that entertain workers during their commute can be used to copy personal or financial data, intellectual property and other sensitive information from corporate PCs, often without a trace.â€
Wow, way to be on top of this aspect of the iPod. Let’s see, when did it gain the functionality to act as an portable hard drive? Oh, right, when it was first released in November 2001. And when did it gain PC compatibility? As recently as July 2002.
After having had a battle of wits with an unarmed man on this same subject, I have to say that I’m still chuckling after reading this one. Good job.
Let’s be honest here. The iPods are not the real threat. They are simply have the potential to be a tool in the commission of an offense. The tripe that I have heard from vendors on the evils on iPods borders on asinine. Geez, if I was really in a pinch to block iPods and USB devices from accessing corporate resources I could flip the bit in the registry. But, what does this buy you? Not a whole lot. Frankly the harder you squeeze employees the more information will leak out of your enterprise.
You want to block iPods? Sure, go ahead. I just have to pick up this 300 page print out before I head home.
NB. Welcome Macsurfer.com readers!
[tags]iPod Security, iPod Virus, The Apple Blog[/tags]
I’m with you. I find the ISO definition of threat to be way too broad. I’d rather narrow it to things that can act on their own. That way, risk analysis is much easier and makes me more effective.
The problem is not technology. It’s people. I lose my patience with vendors trying to sell you the latest thing to stop problem X. Security by bandaid and duct tape just doesn’t cut it. In some cases there has to be a wholesale tear down and rebuild of the underlying infosec program.
The real problem (iPods as an example) resides on a much more fundamental level.