Following the news that IBM have banned its workers from using USB Sticks and removable media, Jon Fielding, Managing Director at EMEA Apricorn commented below.
“This would appear to be an extreme reaction from IBM and they themselves admit it is “restrictive”. They site 2 reasons for the decision; loss and misuse, and the valid concern that either could result in “financial and reputational” damage. The first concern is addressed by providing corporately approved, hardware encrypted devices to employees that have a valid business justification for their use. IBM, or any company for that matter, should then enforce this policy by locking down all corporate USB ports to only accept the corporately approved device. Once implemented, they can be confident that any data crossing the USB is encrypted in hardware and, if the device is lost, is unavailable to anyone other than those authorised.
The second reason – misuse, plays to the concern of employees with bad intention. Banning USBs doesn’t solve this problem as there are many different vectors a determined bad actor can leverage; this would be more about hiring policy and employee validation.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.