Tip

Key chain data thieves

In the past year or so the number of gizmos and gadgets available to enhance the power of portable systems has exploded. Now a modestly-equipped notebook can be easily expanded to support wireless networking, DVD playback, CD-RW and DVD burning, theatre quality audio, huge file storage capacities, OCR scanning, UPC scanning, voice recognition, digital video recording and editing and much more. Most of these can be added just by plugging in a USB, PC Card or Firewire peripheral.

I'm the first to admit that the ability to plug in a device and have instant access to features and capabilities far beyond the range of your notebook is amazing. I've got dozens of add-ons to improve my portable computing. However, these little devices may also be the downfall of many a security stronghold.

The gadget that is currently making my skin crawl is a key-chain dongle USB memory drive. These thumb-sized plug-n-use devices can store 8M Bytes to 1G Byte of data and are natively supported by every USB-enabled system. You plug them in and instantly a new drive letter appears in your file manager. A few deft movements of the mouse and any file on the local system or network accessible drive can be copied to the dongle. Keep in mind that the dongles support only the FAT file system, so any ACLs on the files are stripped. Once the data is copied (at over 2M Bytes/sec for USB 2.0, and 600K Bytes/sec for USB 1.1), you just unplug the device and drop it in a pocket. These USB memory

    Requires Free Membership to View

drives can be easily mistaken for a knickknack on a key chain or concealed in a gum packet.

There are a handful of methods you can use to provide some protection against these devices. First, you can disable USB support on all systems. But then you will lose the ability to use USB mice, keyboards, printers or scanners. Second, strictly control user access to sensitive material. This prevents users from copying material from higher classification levels; it doesn't stop them from walking out with material within their access privilege. Third, physically separate users from the computer's system case. Granting users access to just their monitor, mouse and keyboard does eliminate their ability to use USB devices -- including memory drives -- but it also prevents them from using CDs or floppies and accessing the power button and reset switch. Fourth, perform intensive searches on everyone as they enter or leave the secured facility. While this method could be effective, it is very unpopular, time-consuming and impractical.


About the author
James Michael Stewart is a researcher and writer for Lanwrights, Inc.


This was first published in September 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.