The recent buzz about security threats posed by iPods to corporations has reinforced the need for IT managers to treat these devices like any other removable media that employees with malicious intent can use to extract sensitive data.

Following the suggestion recently made by a security company that iPods be banned from the workplace until proper protection is in place, and the emergence of a proof-of-concept iPod virus, it would seem that iPods pose a particularly high risk to corporations that let employees wander into work with these devices strung to their ears. Those same devices that entertain workers during their commute can be used to copy personal or financial data, intellectual property and other sensitive information from corporate PCs, often without a trace. The idea of stealing corporate data with an iPod has gained so much attention lately that it’s even been given its own term -- slurping.

Also read: Five ways to prevent data theft by iPod
Plus: Should Apple bear some responsibility to add security to iPods?

“If you see someone walking in the door [of a company] with an iPod they don’t look like a threat, but to me I see the ability to download reams of files, and it might just look like they’re downloading music,” says Jim Hereford, CEO of NextSentry, which issued the suggested iPod ban and makes software that prevents employees from unauthorized copying of corporate data. “We’re not saying companies shouldn’t allow iPods, but they better have endpoint security on their desktops.”

Endpoint security technology, available from NextSentry as well as handfuls of other companies in the monitoring, content-ware and data loss prevention spaces, is designed to solve the problem by blocking information that’s been deemed sensitive from being copied onto removable media, e-mailed or printed. This way, employees can use their iPods in an office setting -- particularly important as corporations begin to look at the video devices as not just entertainment but potential training tools -- but won’t be able to copy data onto the iPod unless authorized to do so.

But others say iPods pose no more risk of corporate data theft than a cell phone that can snap a photo of a computer screen or a thumb drive that slides into a shirt pocket. The issue is that organizations need to realize that iPods should be treated accordingly.

Whitepapers

• Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
• Selecting Effective Virtual Directories
• A Modern Approach to On-Demand Email and Data Security
• Best Practices for HP Servers and HP Enterprise Virtual Array in a Microsoft Exchange
• Compliance, Protection, Recovery: A Layered Approach to Laptop Security
• Endpoint Security: Data Protection for IT, Freedom for Laptop Users

View more SECURITY whitepapers

Webcasts

• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage
• Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management On-Demand

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• Learn how to Keep your Mobile Workforce Connected
• The self-managed network

View more SECURITY special reports