Menu
Should Apple secure its iPods?

Should Apple secure its iPods?

Does the popular MP3 player have inherent security risks?

Few corporations are likely to ban iPods in the workplace, but whether Apple and other manufacturers of MP3 players shoulder some responsibility to add security to their devices -- and how effective that security would be -- is a growing debate.

Apple didn't return multiple inquiries asking about its stance on iPod security, but plenty of others are talking about what the company should or should not do to prevent its widely popular music player from being used as a data-transfer device for stealing sensitive corporate information. While this unintended use of the iPod is not exclusive to Apple's device -- employees with malicious intent could steal data using any MP3 player, or any removable media for that matter -- Apple has sold more than 100 million iPods, making it the obvious choice.

"My initial reaction was that Apple should have as much responsibility as SanDisk has for securing its USB thumb drives," says Kurt Tappe, Apple certified engineer with JP Morgan Chase, in an e-mail. "But then I remembered that iPods do not come out of their shipping containers with the ability to be used as data drives. The user must explicitly turn that function on in iTunes. To that end, it seems to me that Apple has already gone one step beyond other drive manufacturers."

An extensive search of the iPod and iTunes sections of Apple's Web site turned up no information about setting the devices for data transfer, but also did not warn against the potential for misuse when iPods are set as such.

Others say Apple may not be responsible for securing its device beyond the basic lock function that it comes with, but offering such features couldn't hurt. This could become particularly important as corporate IT departments begin to consider purchasing other Apple products, such as Mac desktops and servers, in helping Apple build confidence among security-conscious enterprises.

"I wouldn't put this responsibility on [Apple] as mandatory; I would prefer to see Apple offer it as an add-on feature and let the market dictate its usefulness," wrote Louis Tinto, risk manager and director of technology risk assessment with a large financial-services company, in an e-mail. He stresses that educating employees about corporate policies regarding use of such devices and having workers regularly attest to their understanding of such policies is the best first step to take in protecting against data theft via iPods.

Another important consideration for Apple is that some enterprises are beginning to use iPods as corporate devices and will want to integrate them into their security plans, so offering such protection could become a make-or-break issue for selling into these accounts.

According to a press release issued by NextSentry, which makes desktop software that prevents unauthorized copying of data to removable media and which issued the warning of iPods in the workplace, these devices have been purchased by the thousands by manufacturing companies, financial-services firms and healthcare suppliers as a means to train, educate and inform their employees.

While he believes Apple shouldn't be held responsible for how an iPod is used, one analyst says security should be an element of these types of devices.

"Smart, portable devices need protection from malware and misuse just as much as workstations, particularly as they are trusted to perform critical work-related functions," says Trent Henry, a senior Burton Group analyst, in an e-mail exchange. "Even the iPod can hold contacts as part of the operating system features. That's sensitive data that needs protection."

Still others say it's not Apple's place to provide enterprise-level security with a consumer device. Given the product's popularity in its current unsecured state, the company may not need to.

"There's no way Apple can anticipate the specific security needs of every Fortune 1000 company out there," says Tom Bennett, vice president of marketing with Oakley Networks, makers of data-leak prevention technology.

"I don't believe it is Apple's responsibility to ensure iPods are used for good any more than I believe it is Honda's responsibility to ensure a Civic is never used as a getaway car," agrees Brent Smithurst, vice president of technical operations with Faronics, which makes endpoint-security software for Macs to prevent unauthorized data transfer to devices. Smithurst wrote about the issue in a blog posting Wednesday . "In both cases, the product is only a means of potentially enabling a type of behavior, but is not intended to encourage that behavior."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments