Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Finding a Balance

By Steve Jones,

USB Flash Drives

This editorial was originally published on Nov 19, 2007. It is being republished as Steve is on vacation.

When I started in IT things were much simpler. We had smaller data sets, but hardware was larger. There just wasn't a good way to transfer large amounts of data on 3 1/2" floppy drives. I remember CDs coming into being and CD writers became a concern, but since few people had them and we knew who they were, it wasn't a big problem. The zip drives created a cause for concern briefly with their 100MB capacity, but again, they were somewhat bulky and easy to spot.

However with the growing sizes of flash drives, storage in cell phones, and the monstrous capacity of iPods and other music players, it seems that data has little chance of being contained by IT within the walls of the organization.

I saw an interesting discussion about managing all these technology devices and the problems that come with so much storage being in reach for so many people.

So we're data people, we get beat up to ensure our SOX procedures work well, and we're in the trenches. With that in mind, the poll this week is...

Does it make sense to ban personal storage devices?

I know it's not practical to actually try and prevent the iPods and other devices from coming into the building. You for sure cannot take away all the cell phones from people. But does it make sense to prevent these devices from connecting to your network? Ban USB and Bluetooth; don't purchase rewriteable drives except for admins who can be monitored. Some other ideas?

That might not even work. Recently a report surfaced about some executives in Korea that stole nearly $2billion worth of trade secrets with USB drives and taking them to a new company.

Think about the past experiences we''ve had. Suppose you''d locked down floppy drives and CD burners a decade ago. All of a sudden MP3 players appear and get mounted as removable drives. It''s a new twist you hadn''t considered, so you shut down all the serial, parallel, and USB ports. You get a new laptop and realize Bluetooth is now available and works just as well and your controls have been circumvented again. What do you do now? It's a tough balance to strike. Are you trying to be a control freak and make it an hostile work environment or do you trust your employees and deal with the occasional problems that come with them?

I'm not sure what the best solution is, but I'd venture to guess that banning the technologies won''t work. Someone will always come up with a new way to get around your controls, and more importantly, you won''t be as vigilant if the controls “appear” to work.

I'd adopt the Counterpane approach to security, which is what security expert Bruce Schneier believes in. Assume you''ll get compromised and attacked and put systems in place to detect and respond to issues rather than trying to prevent all attacks.

Steve Jones


The Voice of the DBA Podcasts

Everyday Jones

The podcast feeds are now available at sqlservercentral.podshow.com to get better bandwidth and maybe a little more exposure :). We've upped the quality a little on the Quicktime files, so if it's better from your side, let us know. Comments are definitely appreciated and wanted, and you can get feeds from there.

The RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.

Total article views: 143 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

Podcast Announcements

Podcast Feeds

BLOG

Podcasting

A new video setup is on the way!!!! Actually I'll do a couple podcasts on podcasting over the hol...

ARTICLE

Drive

What motivates people? What makes them happy at their jobs? Steve Jones talks about Drive, the book ...

BLOG

The Podcast is in the Windows Store

If you’ve got a Windows Phone, or any of the Windows devices that support podcasts, the Voice of the...

ARTICLE

Little Devices

This Friday Steve Jones asks if you think that your job could be done with smaller devices. Is there...

Tags
editorial    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones