IPods have storage memory - many even have hard drives. We all see iPods every day, and we think of music. But iPods aren't just for music anymore. As computer forensics experts, we have now seen multiple cases where the innocuous-seeming iPod was used to surreptitiously lift corporate data.
Mind you, the average data thief will simply slip the iPod in a purse or briefcase. But in this wacky, edgy world, there actually is an iGroove undergarment for iPods. It is unlikely to be on our Christmas lists or yours, but it provides yet another avenue for your data to escape.
The lesson here is simple for executives responsible for the protection of company data: You must take seriously each and every technological development that may compromise your security. Your IT department should monitor for unusual downloading and copying. You might not want to allow USB devices to be connected to devices on your network. If you do allow such connections, you may want them monitored. Perhaps access to all sensitive data should be logged.
Data thieves are notoriously clever - and management is constantly limping to catch up with technological advances. If it isn't the iPod carting off your data, it is the thumb drive, the smart phone, CDs and DVDs, or web-based emails sent from local machines to avoid having them written to the server, and so on.
In a corporation of any significant size, it is imperative to do security reviews, at least annually, to stay ahead of both technology and the cleverness of miscreants. This is certainly an area where an ounce of prevention is worth a pound of cure. Once your data has been pilfered, damage control and legal remedies are both expensive and limited in what they can achieve. The damage to your company's reputation may be difficult if not impossible to retrieve - and the flood of data breach laws and data breach lawsuits has complicated an already maddening problem.
In a world where company secrets can depart a company via an employee's lingerie, constant vigilance is mandatory.