A friend of mine just returned from the Consumer Electronics Show, where he saw NBC giving away 2GB flash drives at its booth in return for a badge swipe!
I remember when flash drives first came out: 8 or 16MB cost more than $100, and people gladly paid it. The price point has hockey-sticked downward, and with it, demand for more and more storage that fits in your pocket has skyrocketed. To me, however, there’s a more important focus: when 2GB flash drives are being tossed around like gumdrops, it means that the means of preventing access to files have to be rethought. And I’m not just thinking of flash drives.
The cat-and-mouse game that infosec pros have played with the bad guys has now extended to the good guys as well. It’s not a matter of them trying to do something wrong, per se...it’s all a matter of convenience to the people inside an organization. If you gum up their USB ports to prevent the use of thumb drives, they’ll will use Gmail...or Hotmail. And if you block those sites, they’ll use another site you don't even know about until too late. (Has anyone seen YouSendIt.com?)
No, files leaving the cozy confines of the company cannot be totally controlled. However, if the files were protected, we may have a chance. Makes me believe that a data-centric approach to protection of information is an absolute must.... And through a combination of encryption, access control and retention. So that the information stays protected, even if there are more ways and means than ever before to gain access to the files.
Now, if anyone can figure out a way to load (or "leak") one of those 150” diagonal plasma screen TVs my friend saw at CES onto that 2GB flash drive, let me know. :)
I remember when flash drives first came out: 8 or 16MB cost more than $100, and people gladly paid it. The price point has hockey-sticked downward, and with it, demand for more and more storage that fits in your pocket has skyrocketed. To me, however, there’s a more important focus: when 2GB flash drives are being tossed around like gumdrops, it means that the means of preventing access to files have to be rethought. And I’m not just thinking of flash drives.
The cat-and-mouse game that infosec pros have played with the bad guys has now extended to the good guys as well. It’s not a matter of them trying to do something wrong, per se...it’s all a matter of convenience to the people inside an organization. If you gum up their USB ports to prevent the use of thumb drives, they’ll will use Gmail...or Hotmail. And if you block those sites, they’ll use another site you don't even know about until too late. (Has anyone seen YouSendIt.com?)
No, files leaving the cozy confines of the company cannot be totally controlled. However, if the files were protected, we may have a chance. Makes me believe that a data-centric approach to protection of information is an absolute must.... And through a combination of encryption, access control and retention. So that the information stays protected, even if there are more ways and means than ever before to gain access to the files.
Now, if anyone can figure out a way to load (or "leak") one of those 150” diagonal plasma screen TVs my friend saw at CES onto that 2GB flash drive, let me know. :)
