Add IPods To List Of Portable Devices That Pose Corporate Security Threat

The research firm Gartner Inc. warns of security risks posed by the popular music player and other portable storage devices that plug into a PC's USB or FireWire ports. The iPod, like the rest, can hold data in addition to tunes.

"Businesses are increasingly putting themselves at risk by allowing the unauthorized and uncontrolled use of portable storage devices," Gartner analyst Ruggero Contu wrote. The problem, he says, is twofold. In one scenario, employees could simplly drag and drop sensitive files into the devices, which often come with gigabytes of storage capacity. In the other, the devices could carry a virus, Trojan horse or other malware. The solution?

"Companies should forbid the use of uncontrolled, privately owned devices with corporate PCs," Contu said. Prohibition isn't the only way to mitigate risk, however.

Bosses also can educate employees, create policies and protect data with encryption. There are also programs available, including an offering from SecureWave, that limit use of a PC's USB ports to authorized devices.

Contu, who is based in the United Kingdom, did not compare the risk from portable storage with those from floppy disks, CD burners, e-mail and printers.

Apple Computer Inc., which makes the iPod, declined to comment on the research.