Pod slurping
A company called Sharp Ideas has created a proof-of-concept program to suck down company confidential information to an iPod (or other USB device), to emphasise the concept that information security needs to take into account physical security. Pod slurping is the name they give it, and it sounds more sinister than it really is.
My first impression when I heard about it on Slashdot Review was that it would search the network for unprotected shares and, using some algorithm, would decide what was juicy and what was not, and download those juicy elements. The reality is that it just copies certain file types from the Documents folder on the local PC.
Personally, I don't think the iPod specifically has caused a major change in how security needs to deal with technology. I could just as easily walk out with a hard disk, laptop, or even paper copies of documents. What has changed is the ease with which large, unfiltered and untargeted amounts of information can be stolen. I also think that locking down USB access on PCs is overkill, and may only stop the opportunist thief, while preventing the innocent from being as productive.
The moral here is that you need to take care of the information at the source, and limit access to only those who are trusted and authorised to access it. Banning or blocking portable devices is only useful as part of a defense-in-depth strategy, and you should look at the trade-offs before implementing.






