Centennial Software, the developer of endpoint security and IT asset management solutions, has warned organisations to prepare for an influx of personal IT gadgets on the corporate network when employees return to work after the holiday season.
These devices such as MP3 players, digital cameras and other mobile devices can not only bring unwanted software onto the network, but can also serve (intentionally or unintentionally) as a tool for the illegal acquisition of corporate data and information.
Centennial recommends IT security professionals implement four simple New Year resolutions that will help mitigate security issues associated with portable storage devices in 2008:
- Make sure all security policies are up-to-date
- Send a company-wide email to remind employees of usage policies
- Get visibility of all device connections and data transfers
- Implement technology to stop unauthorised device connections
“Portable storage devices are increasingly popular, and with the holidays come a whole slew of the latest high tech toys,” said Howard Waterson, Asia-Pacific Regional Manager at Centennial Software.
“For a network manager, these gadgets can raise security concerns as employees start plugging into the network. It’s imperative to protect the corporate network with an effective endpoint security strategy that combines policies to educate with technology to enforce acceptable behaviour.”
While lifestyle IT accessories such as iPods and PDAs may appear totally innocent, the fact is that in the wrong hands these removable media devices can present a serious endpoint security risk to any organisation.
And with the average financial impact of each security breach now exceeding AU$230,000, the cost of doing nothing has never been higher.
To help organisations build an effective security or acceptable use policy, which includes portable media devices, Centennial Software’s white paper entitled Building the Perfect AUP is available online.
The company also offers a 30-day free version of its DeviceWall security software, which enables security staff to audit and manage all device connections and data transfers between corporate PCs and portable devices.