iPods slip through gaping security holes

Companies are still failing to recognise the security threat posed by portable storage devices, such as the dozens of iPods which may enter and leave their offices each day.

A silicon.com survey has found that 70 per cent of organisations in the UK do not block or restrict the use of such devices connecting to desktop PCs and the corporate network. Furthermore the survey found that even among those companies which do have a policy relating to such devices there is little done to enforce it.

A worrying 16 per cent of respondents said their company does have a policy on iPods, cameras and other USB storage devices but they said it is not enforced.

Only 13 per cent of respondents said the use of such devices is blocked or restricted.

However, Andy Burton, founder of asset and device management firm Centennial, said those findings are possibly better than average.

Burton said: "The good news is that if 13 per cent of people believe they have blocks in place then that's a lot higher than the industry feel," though he added that those blocks may owe little to security fears but rather concerns about productivity.

He added: "The vast majority of people still don't perceive the use of these kinds of devices as a threat."

David Guyatt, founder of Policy Matter, which provides a service that forces staff to acknowledge and respond to changes in corporate policy, blamed in part "a real lack of clarity about what is policy and what isn't policy".

According to Guyatt, it's very likely more than 16 per cent of respondents work at a company which has a policy that isn't enforced. He said his experience leads him to believe staff simply do not know when there is a policy, adding: "They don't know what they don't know."

Centennial's Burton said: "Corporate responsibility really needs to take a step up."