I recently caught someone at a client site using an iPod to pull corporate data onto it as a hard drive. This brought to mind an interesting paper on iPod forensics that I came across. It was written by Christopher V. Marsico & Marcus K. Rogers. Very much worth a read. Now one thing that people can do to avoid a similar situation is to disable the USB. This is not to say that USB will no longer work for printers and keyboards et cetera. Simply the storage aspect.
Run regedit ans search for the key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR
[tags]USB Storage, iPod Forensics[/tags]