Wendy Ellis, vice president of marketing for McWhinney, says USBflash drives make great marketing devices because they're easy tocarry and more efficient to look through than stacks of paper.

|

The firm is not alone. USB flash drives or thumb drives are theof-the-moment way to disseminate marketing materials, highlightwork and promote ideas. Fortune 500 companies, educationalinstitutions and even creative artists are handing out customizedUSB freebies to clients and employees.

|

The USB or Universal Serial Bus standard was developed about 13years ago. But thanks to improved technology, it's taken offdramatically in the past few years. Industry experts reportexplosive growth in the use of USB flash drives and otherUSB-enabled devices like GPS devices, mobile phones, video players,digital photo frames and memory card readers.

|

However, as the use of USB enabled devices grows, so do thepotential risks. The problem: Users can unintentionally passviruses to their computers when they connect the devices to theircomputers.

|

In the past few months, an increasing number of digital deviceshave been reaching the market with viruses or malware alreadyinstalled. Users infect their computers when they connect thetainted devices with USB cables. The still unanswered question ishow companies, including commercial real estate firms, plan to dealwith the issue--or whether they are underestimating the risks ofUSB devices.

|

Don Goldstein, the Dallas-based chief information officer of CBRichard Ellis, is responsible for the company's technologystrategy, information services delivery and customer technologysolutions. "There is a general policy that any software orequipment that connects to company provided computers must beapproved by IT," he explains.

|

But he says there is not a specific company policy aboutpersonal devices. "Things like flash drives aren't a big deal,because they don't require special software on the PC that IT needsto load," he continues. "However, devices like iPods are adifferent story because they require special software thatcontributes to non-business network traffic. It really boils downto a case by case basis."

|

David A. Johnson, chief information officer at Jones LangLaSalle, says the company allows employees in most locationsworldwide to use USB devices. "Our philosophy is that we want tomake the technology friendly. If it's friendly, they will use it.If they use it, we will get the value from it," he explains. "Wetrust our employees and treat them accordingly."

|

However, firms have to consider more than their employeesactions. The potential problems from USB devices extend tomanufacturers, retailers and distributors. Last month, forinstance, Best Buy recalled several thousand digital photoframes--small flat-panel displays for displaying digitalimages--because they contained malicious code. The frames were soldat both Best Buy and BestBuy.com under the Insignia name, one ofBest Buy's in-house brands.

|

SANS Institute, a Bethesda, MD-based research and educationorganization, reports more retailers are becoming unwittingdistributors of malware. According to the Internet Storm Center, anetwork-threat monitoring group affiliated with SANS, computerusers have reported multiple incidents in the past few months. Theyinclude:

  • five digital photo frames from Advanced Design Systems thatwere sold at Sam's Club

  • two 250GB Maxtor External One Touch Backup, one purchased fromRadio Shack and the other from Fry's Electronics

  • a Flip Video Camera from Costco

  • a MemoryVue 1040 Plus digital photo frame from Digital SpectrumInc. purchased at Costco

  • an 8-inch Castleton digital photo frame from Uniek purchased atTarget

  • A set of MP3 playing sunglasses purchased at an unknownstore.

Last October, hard-disk drive maker Seagate reported apassword-stealing Trojan horse program had infected some diskdrives shipped from a factory in China. And in 2006, a virus snuckonto the hard drives of a limited number of Apple iPods.

|

Jason Roberts, marketing and public relations manager at PCGuardian, a designer and manufacturer of computer and datasecurity, says employees can compromise the security of acorporation's data and information systems, knowingly or in error."The 'innocent' breaches include employees downloading confidentialdata and subsequently losing or misplacing the USB drive itself,leaving the corporation vulnerable," he continues.

|

As a response to those potential risks, computer securityexperts are creating new options. PC Guardian, for instance,reports that it developed its USB Port Security System in responseto unauthorized data transfer through USB ports to flash drives,memory sticks, MP3 players, and other mobile storage devices. Theproduct disables USB port access.

Want to continue reading?
Become a Free ALM Digital Reader.

  • Unlimited access to GlobeSt and other free ALM publications
  • Access to 15 years of GlobeSt archives
  • Your choice of GlobeSt digital newsletters and over 70 others from popular sister publications
  • 1 free article* every 30 days across the ALM subscription network
  • Exclusive discounts on ALM events and publications
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.