Three facts:
1. Most companies do not control which peripherals can be successfully connected to the USB ports of computers and laptops, despite software to perform this function being readily available.
2. Plugging a USB flash drive into a company computer’s port is one of the easiest ways to steal data; there is virtually no crime scene and the flash drive can be encrypted so as to make the evidence literally irretrievable.
3. In surveys about workplace data theft, employees consistently admit to copying sensitive company information for personal purposes (future employment elsewhere).
Data theft is one area in which, in the majority of cases, the threats are significantly greater than the countermeasures, and where companies are negligent in discharging their duty to protect this most essential asset.
With employees seemingly free to walk in and out of the workplace with personal flash drives, and precious few controls to stop them from using the drives for nefarious purposes, the situation is about to get a whole degree worse.
The GSM Association, the lead body of the mobile phone industry, has announced that by 2012 the majority of phones shipped around the world will use a universal mini-USB charger, the implications of which will be:
1. All employees will be walking around with devices that connect directly to company computers.
2. Employees will be tempted to charge their phones directly from desktop computers and laptops.
3. Data theft will be achieved by a simple sliding of the mouse between folders.
What’s more, in three years time many of us could be carrying our mobile phone on our wrists, in the form of a GSM wristwatch.