Windows has just been recognized as a potentially dangerous system by one of the leading IT companies, IBM.
Because of a security vulnerability in the Windows system recently detected by one of the Bitdefender engineers, IBM prohibits the use of all removable storage media throughout the company as part of a new policy to avoid financial and reputational damage resulting from an incorrectly placed or incorrectly used USB drive.
IBM’s chief computer scientist, Shamla Naidoo, told the staff in the internal email that the company “extends the practice of prohibiting data transfer to all portable storage devices (eg USB, SD card, flash memory).”
Although some departments have already applied this policy for some time, “in the next few weeks we will try to implement this policy around the world” , Naidoo said, as reported by The Register.
“In a world full of data breaches, the introduction of this policy is well-founded” , comments Mariusz Politowicz, technical engineer at Marken, which is the official representative of the Bitdefender brand in Poland. “The reason for the new rules is simple, as the possible financial and reputational damage resulting from improperly placed, lost or improperly used portable data storage devices can be huge.” – he adds.
The Kingston company was one of the leading producers of this kind of device that reacted immediately to the ban on using mass storage.
“We are convinced that companies and institutions that prohibit their employees from using portable storage devices have not conducted an in-depth analysis of the various paths of data flow to and from the organization.” – said Valentina Vitolo, director of flash memory devices for the region of Europe, the Middle East and Africa (EMEA) at Kingston. “Completely banning USB sticks will not eliminate the theft of valuable data or putting them in danger. However, there are solutions controlling USB drives, data copied to these devices and access to USB ports. ”
It is worth remembering that the dangerous Stuxnet worm was written in such a way that by jumping from the terminal to the terminal through USB drives moving between them, increase the scale of the attack. Some of the networks to which the attack was directed had an air gap, which means that they did not have direct access to the outside world.
Many people are afraid of such an event in their networks and nothing strange, after all you can get into many problems. Preventing malicious programs from running on USB drives should be important to us to avoid unpleasant situations in the future.