Getting pod slurped

A new phenomenon? No, "pod slurping" has been around for a while, but it's stirring up new concerns now that it has a name.
By Warwick Ashford, ITWeb London correspondent
Johannesburg, 24 Jun 2005

If you don't already know the term "pod slurping", I guarantee it's not at all what it sounds like!

For the uninitiated, "pod slurping" is the name conferred earlier this month by US expert Abe Usher on the theoretical practice of using an iPod or any similar portable storage device to copy or "slurp up" thousands of computer files quickly and easily from company workstations.

See, I told you it wasn't nearly as interesting as it sounds. The question is whether it is a real threat, or just a Gartner theory to which Usher chose to give a rather colourful name in a recent edition of his blog.

Proving a point

Nearly a year since an analyst from Gartner warned that iPods and similar portable storage devices could be used to steal company , Usher has written what he calls a proof-of-concept application that runs on an iPod, enabling any device connected to a workstation to copy or "slurp up" all the documents it finds.

Warwick Ashford, portals managing editor, ITWeb

Usher contends that with more than 30 million iPods around, boasting up to 30GB of storage space, the device makes a perfect tool for data theft. By demonstrating recently just how easy it is to walk off with megabytes of information using an innocent-looking iPod and simple software, Usher has stirred up fresh debate about the threat posed by all plug-and-play portable storage devices.

Quantifying the threat for the first time by sketching a scenario in which a data thief posing as a cleaner with an iPod could easily hook up to dozens of workstations and "slurp up" 20 000 files within only an hour, Usher has sent some companies scurrying for the panic button.

Yes, this sounds alarming, but having checked several blogs and bulletin boards on the Internet, the consensus appears to be that pod slurping is a storm in a teacup, mainly because so many vendors have developed solutions to enable organisations to lock down desktops as recommended by Gartner when it first identified the threat now known as "pod slurping".

Locking out the enemy

Thanks to these solutions, it is now possible to lock out unauthorised users from just about every plug-and-play device, whether it uses USB, FireWire, Wi-Fi or Bluetooth to connect to desktop computers. It is also possible to lock out unauthorised users from CD-ROM and floppy drives as well as serial and parallel ports. Even if a would-be pod slurper were to sidestep log-in authentication by using a boot disk or other technique, data theft would be impossible.

In addition to technology-based solutions, organisations also have the option of policy-based countermeasures. While banning iPods and similar devices from the workplace would be an unpopular countermeasure and probably cause riots in most organisations, it would be relatively simple to enforce stricter access control.

Prevention is the best policy

The need for clear policies was a common theme running through the sessions led by industry experts at this week's Terrapinn information security, storage and business continuity conference held at the Sandton Convention Centre.

While the need for organisations to have specific plans for protecting their digital assets was mentioned repeatedly at the three concurrent conventions, speakers also emphasised that a policy that is not enforced consistently is perfectly useless.

A keynote speaker for the information security convention made the point that because security threats are invisible, they are often ignored. Perhaps it is this very behaviour pattern that makes pod slurping potentially highly dangerous because an iPod or similar device would practically be "invisible" in the workplace.

If nothing else, Usher's pod slurping moments of Internet fame this month have served to highlight the fact that firewalls, anti-virus software and traditional network group policies are not effective against data theft from within organisations because anyone can connect an "invisible" portable storage device like an iPod to a computer and copy whatever they want.

Get protected, else get slurped

Pod slurping may not be new or half as exciting as it sounds, but it may well be the wake-up call many companies need to shock them into getting real about the risks of failing to ensure physical security for information.

Perhaps the threat has been blown out of proportion, but the threat nevertheless remains, and failure to heed the warning and implement the available protection measures could result in a serious, costly and thoroughly humiliating pod slurping!