Most companies are failing to address the serious security risks created by the proliferation of USB flash drives, MP3 players and similar portable storage devices, industry experts have warned.
Ruggero Contu, client research consultant at analyst Gartner, warned that the use of unauthorised portable storage devices poses several dangers, not least for the malicious code that they can introduce to corporate networks.
High data capacity and transfer rates mean that USB or FireWire devices have the capacity to download valuable corporate information which can be leaked to the outside world, according to the analyst.
"This underlying vulnerability has existed since the release of Windows 2000, the first widely deployed operating system able to mount a USB storage device automatically," said Contu.
Gartner warned that the danger comes from back doors being opened by portable devices including any kind of pocket-sized FireWire hard drive, like those from LaCie or Toshiba, or USB hard drive or keychain drives.
They also include disk-based MP3 players, such as Apple's iPod, and digital cameras with smart media cards and other memory media.
"Companies are at risk of losing intellectual property and other critical corporate data. Portable storage devices are ideal for anyone intending to steal sensitive and valuable data," said Contu.
"Employees may also be responsible for losing data if they inadvertently mislay these devices."
Gartner advised companies to forbid the use of uncontrolled, privately owned devices with corporate PCs. The prohibition should also extend to external contractors with direct access to corporate networks.
Companies should adopt a controlled approach with security measures that incorporate overall organisational security policy and specific technology tools.
"Managers should advise on the main procedures to be followed for the eventual use of such devices, for instance to confirm the need for password and security protection [encryption] of stored corporate data. This will also help mitigate risks from loss or theft," said Contu.
Gartner advised that general security best practice should include the implementation of a desktop lockdown policy.
Managers should also consider disabling universal plug and play after pre-installing any desired drivers to permit the use of authorised devices only.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago