It has already rocked the music industry: is the iPod about to do the same to computer security? Apple shipped more than 6 million of the portable music players for the third quarter seven times the volume for the same period a year earlier but that's not music to everyone's ears. Corporate IT managers are increasingly concerned about the dangers posed by removable data storage devices, from iPods and memory sticks to digital cameras and PDAs.
Things could get worse still, with Motorola's iTunes-friendly cell phone expected to launch this week. Hooked up to company machines, the devices can introduce viruses, or, more likely, be used to download confidential files. Armed with a 20-GB iPod, a disgruntled employee or even an outgoing staff member keen to retain contacts could nab an entire client database, according to computer-security firm Centennial Software. Late last year, one London recruitment agency worker poached the firm's client base with his iPod, before launching a rival company.
So what's the company IT boss to do? Squeezing superglue into USB ports (as some have done) is no long-term fix. The devices should be "prohibited where confidential information could leak out," says David Friedlander, senior analyst at tech consultants Forrester Research EMEA in Amsterdam. Some security-minded organizations have done just that. Britain's Ministry of Defence has outlawed the gadgets on certain sites.
But software makers can help out, too. Centennial has seen interest in specialized products from government, military and financial services firms spike in recent months. Besides, "we've lived with the Xerox machine," points out Jay Heiser, British-based research vice president for information security and risk at Gartner. "It hasn't killed business."