Tiny Storage Could Mean Big Security Headaches

It's geeky, fun and scary all in one package. Boot that baby up with the operating system of your choice, bring highly useful tools wherever you go, keep your power points safe from hard drive crashes, and rip off customer data! Indeed, it's frighteningly useful with USB 2.0 speeds. And you can get it for less than the price of a month's worth of lattes (the street price is about $80 at Newegg.com).

The availability of tiny storage devices can lead to some interesting security measures. On a recent visit to EADS (European Aeronautic Defence and Space Co.) last year, I had to empty my pockets and leave my PDA and memory sticks in a locker. I suppose I should be grateful that there was no body-cavity search--the way data sticks are shrinking, you can hide them almost anywhere.

What's an already-harried security admin to do? If you haven't already, you'll want to ensure that your physical security is up to snuff. You may also want to look at monitoring internal file traffic thresholds a little more closely (the casual data thief will likely try to snarf lots at once). Those who were disturbed by floppy drives or writable CD-ROMs could find the I-Stick and its inevitable cousins overwhelming. Consequently, they may want to investigate software such as GFI LANGuard's Portable Storage Control and SmartLine's DeviceLock.

Although the small USB devices don't pose a new threat--data theft, after all, has always been a problem--they should put the security issue squarely on the radar. Still, the dang little things are cool, aren't they?