Stories
Slash Boxes
Comments

SoylentNews is people

posted by mrpg on Saturday May 12 2018, @11:01PM   Printer-friendly
from the man-nc dept.

[...] The possibility of "financial and reputational" damage if staff lost or misused the devices prompted the decision, reported The Register.

Instead, IBM staff who need to move data around will be encouraged to do so via an internal network.

[...] Some IBM departments had been banned from using removable portable media for some time, said Ms Naidoo, but now the decree was being implemented worldwide. IBM staff are expected to stop using removable devices by the end of May.

[...] Security expert Kevin Beaumont said: "It is a brave move by IBM, as USB devices do present a real risk - often it is very easy to extract data from a company via these devices, and introduce malicious software."

[...] Sumir Karayi, chief executive of security company 1E, said IBM's ban was an "overreaction" by security staff who had not realised the many different ways data flowed in and out of an organisation.

[...] On 25 May, the GDPR rules are enacted, which impose heavy fines on organisations that do not do enough to protect sensitive information.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Funny) by looorg on Sunday May 13 2018, @01:06AM (2 children)

    by looorg (578) on Sunday May 13 2018, @01:06AM (#679011)

    Like the CEO of IBM would carry her own USB stick. I'm sure she has some senior executive assistant to do that for here, or if they ban USB-sticks now I guess he has to carry a stack of old blue floppy disks (time to load the PP onto the machine will take between 3-4 hours of floppy swapping).

    Starting Score:    1  point
    Moderation   +1  
       Funny=1, Total=1
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2, Interesting) by Anonymous Coward on Monday May 14 2018, @08:01AM (1 child)

    by Anonymous Coward on Monday May 14 2018, @08:01AM (#679472)
    FWIW I've used my phone to install legit software updates for financial orgs before.

    The normal usb driver stuff is blocked but MTP works fine. Plug phone to PC, copy updates to PC, transfer updates from PC to server. Install.

    I think they know in theory it's a loophole but in practice that's how they keep the "security auditors" happy while still managing to get stuff done before 2020 (including installing security updates that the "security auditors" insist on).
    • (Score: 2) by MostCynical on Tuesday May 15 2018, @03:42AM

      by MostCynical (2589) on Tuesday May 15 2018, @03:42AM (#679927) Journal

      I've worked for orgs with policies for instant-dismissal-for-connecting-smart-phone-to-work-computer.

      Buying a charger for work and finding a spare power point was easier (and cheaper!) than buying usb charge-only cables.

      --
      "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex