There is a saying that technology is not evil in of itself; it’s just a matter of how people employ it. I was reminded of this when I ran across an article at mcclatchydc.com. For those who are engaged in BYOD and computer data security, the apparent ease of evading IT security is a headache that won’t go away. I’m sure there are quite a number of people out there who wonder why things were designed with such obvious, glaring problems.
For others, like the Cubans covered in the mcclatchydc.com story, the same “problem” is what allows them to run around government censorship.
A Different Kind of Information Superhighway
“Underground blogs, digital portals and illicit e-magazines” are spreading in Cuba, the last bastion of communism in the western hemisphere, via memory sticks, according to a dissident interviewed by mcclatchydc.com:
“Information circulates hand to hand through this wonderful gadget known as the memory stick,” [Cuban blogger Yoani] Sanchez said, “and it is difficult for the government to intercept them. I can’t imagine that they can put a police officer on every corner to see who has a flash drive and who doesn’t.”
I have no doubt Ms. Sanchez knows what she’s talking about. On the other hand, if the Cuban government really wanted to do something about it, couldn’t they do something?
I mean, look at North Korea: there’s so little information leakage in that country that a former Deputy Assistant Secretary of State (Col. Stephen Garnyard, USMC, retired) noted, “there is nobody at the CIA who can tell you more, personally, about [current North Korean dictator] Kim Jong Un than Dennis Rodman [the former NBA basketball player].” Dictatorships generally don’t work out, but when they do….oh, boy.
On the other hand, I can tell you that, as I scan the South Korean media, news about North Korea, even if it’s not about Dear Leader, does make it out of its borders in one way or another, including video. It might not be on USB sticks. On the other hand, why not?
I currently have in front of me a 2-GB micro SD card, taken from an old cellphone (the “stupid” type). It’s about the size of my thumb’s fingernail and just as thick. I could hide this pretty much anywhere.
Completely Securing USB Sticks and Other Portable and Mobile Devices: Difficult
It might be an understatement to say that 2012 was the year of BYOD: it seemed like everyone debated the pros and cons of allowing employees to bring their own devices to the workplace. Many companies that had gone the way of BYOD reported that the positives outweighed the negatives, and that there were substantial advantages to engaging in Bring Your Own Device. Others publicly declared that they were jumping in the bandwagon or were in the process of doing so.
BYOD, however, did not start in 2012. Indeed, BYOD’s underpinnings are as old as the floppy disk. While it might be dubious to call a 5.25-inch or 3.5-inch plastic squares “devices,” they certainly posed the same problem many companies struggle with today: how can the company’s data be secured? How can we prevent data breaches? How do we prevent company information from walking out the office’s front doors?
In the past 25 years, it appears that nobody has really found an ideal answer. At AlertBoot, we’re able to control the leaching of data via the use of encryption software: stick a USB stick to an already-encrypted computer and the portable flash disk will also be encrypted, automatically. Not only does the encryption protect the USB’s contents if it ends up lost, the end user is unable to read the contents of the flash disk on unauthorized computers (this allows one to use the USB drive within the office as a data transfer medium).
But this is only possible because the USB drive is truly a device – it has electronics in it. However, a CD or DVD disk would still allow one to take data out of the company. In order to prevent data leaches using disc technology, a separate solution would be required. The homogenous nature of computers (makes, models, components, operating systems, solutions, etc.) make it all but impossible to cover every potential breach in data security.
Bad for the free world. Great for the not-free one.
Related Articles and Sites: