Military bans disks after Wikileaks; Should you?
Summary: In the Wikileaks aftermath, the military has reportedly banned disks and USB drives and threw in the threat of a court martial for good measure. Should you do the same for your corporate network?
In the Wikileaks aftermath, the military has reportedly banned disks and USB drives and threw in the threat of a court martial for good measure. Should you do the same for your corporate network?
Wired reported that the U.S. military is telling troops to ditch removable media. The problem is that these "sneaker networks"---actually combat boot networks---are an efficient way to get data from one point to another.
The big question here is whether enterprises should also put some limits on removable drives. Let's face it, there are a lot of removable media that can tap into corporate networks. USB drives, iPods and phones are just some of the avenues where data can escape.
Jason Perlow summed it up when he covered how the government's IT failed.
There’s a lesson to be learned here. You can have the most secure network(s) in the entire world, and all kinds of enabling technology to help you safeguard your information, but if you don’t follow consistent IT practices across the board, have gaping holes in your endpoints, and you don’t psychologically profile the people who have access to your most trusted, secret information, you’re just asking for trouble.
He added:
So what nailed us was simple. We allowed this guy to walk into work with writeable DVD media and gave him laptops with functional read/writeable DVD drives and possibly even USB ports, at an Iraq field operations center in a theater of war, when the standing policy on military bases and in other government installations (such as at US Central Command) is to prohibit personnel from bringing USB devices, Smartphones, iPods and CDs onsite.
As noted by David Gewirtz, removable drives are the biggest threat to U.S. cybersecurity. It's probably the same deal with your network.
Related:
- The Battlefield Beyond Bad Flash Drives (ZDNet Government)
- Wikileaks: How our Government IT Failed Us
- Don't Wikileak Yourself: How Safe is Your Smartphone?
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
RE: Military bans disks after Wikileaks; Should you?
RE: Military bans disks after Wikileaks; Should you?
RE: Military bans disks after Wikileaks; Should you?
RE: Military bans disks after Wikileaks; Should you?
You just found a justification to upgrade.
At least if this functionality is important to you.
RE: Military bans disks after Wikileaks; Should you?
So far you are the only one to point out the obvious: the ban is quite hard to enforce. These drives are too small and easy to carry and conceal.
OTOH, they could disable the USB ports on all the computers -- except for mouse and keyboard, whose USB cables could be permanently attached.
The arrangement would suck, but at least it would mean that even if you do sneak in a USB thumb drive, you cannot copy onto it from a secure machine.
Agree, necessary precaution
RE: Military bans disks after Wikileaks; Should you?
Problem with the military doing things like this is that it also makes getting information about My Lai type things out. To be blunt, the military does not need to do these things if they are H O N E S T with the American people about what they are doing and are willing to take the lumps on the head if the American people don't like what they are doing.
RE: Military bans disks after Wikileaks; Should you?
I tide fashion
RE: Military bans disks after Wikileaks; Should you?
Not to show my age, but before retiring from the USAF in 1990 (after 25 years) I saw significant change in DoD telecommunications and later data systems. I remember when answer to question "which is fastest way to get an ungodly amount of data from DC to LA" was "hand the media holding the data to a courier and fly him by commercial air." Back then the USAF had layer upon layer of security in place to guard against unauthorized dissemination of data. Now I think everyone got complacent and for the life of me, I cannot see why anyone is surprisedby the current results. It was inevitable. Failure to learn from the past and convert that "learning" to knowledge that is kept current as technology changes, is the root cause of many personnel and technological security problems the military have lived through the past two years.
RE: Military bans disks after Wikileaks; Should you?
How about a courts-martial instead?
RE: Military bans disks after Wikileaks; Should you?
I do see this: "...court martial for good measure."
Sorry, just realized the edit didn't post... :(
RE: Military bans disks after Wikileaks; Should you?
To your comment above:
That is not true, these policies are pushed by AD. Not the Local XP machine, I know, we have those type machines here.
I was commenting on the typo - which was corrected
Terminology
RE: Military bans disks after Wikileaks; Should you?
RE: Military bans disks after Wikileaks; Should you?
RE: Military bans disks after Wikileaks; Should you?
Right in one. The war is OVER AND DONE WITH! It ended the day that President Bush said "Mission Accomplished" (like an idiot in my opinion!).
Right now, we are in a nation-building exercise (which by the way, have ALWAYS FAILED) in a foreign country were a good bit of the people do not like us and are PISSED that we dared to come and intervene in their countries personal business.
RE: Military bans disks after Wikileaks; Should you?
One person's treason is another person's 'act of conscience'. If the United States military tries to put Private Manning to death for this thing that OBVIOUSLY fits into the latter group, they might lead to the Second Civil War.
Many people are supportive of Wikileaks, regardless of what you hear the 'talking heads' on the news networks saying.