Infosec – London, UK – 26 April 2005 – Speaking at a seminar on the first day of Infosec 2005, Utimaco’s Helmut Dansachmueller, head of product management, addressed a packed auditorium on the threat posed by the increasing adoption of plug and play (PnP)devices.
Previously, device drivers had to be installed before being able to use printers or other peripheral hardware. Today, it is sufficient to simply connect a device, such as a memory stick, PDA or Smartphone via a USB, Firewire or Bluetooth connection, amongst others, to a computer, increasing convenience, but also increasing the possibility of security breaches.
During his presentation, Helmut Dansachmueller gave the following advice, “In today’s security conscious climate, it’s inconceivable that most organisations, in some cases fully aware to the threat posed by PnP devices, don’t have even a basic security policy in place to protect against their use. In so doing, companies open themselves up to the risk of malicious code being invisibly introduced into an otherwise well protected computer system or confidential data exported. This was the case recently experienced by Japanese bank, Sumitomo’s London offices, with almost catastrophic consequences had The National High Tech Crime Unit (NHTCU) not been alerted.
Companies must play a responsible role and in fact, those handling private customer information have an obligation, to protect data from prying eyes. Until the relevant department has evaluated the solutions on offer and implemented an enforceable policy to provide adequate protection, the only way to be 100 per cent certain is to ban the use of PnP devices altogether.”
To learn more about the security threat posed by ‘Plug & Play’ devices and the solutions on offer to counter them, visit Utimaco at Booth 621 during InfoSec, log on to www.utimaco.co.uk or contact Utimaco on Tel No +44 (0)1784 224225.
Utimaco Safeware AG
Utimaco Safeware AG is the leading European manufacturer of professional IT security solutions. The security technology and solutions developed by Utimaco protect the electronic data of companies and government bodies against unauthorised access and guarantee that business processes and administrative procedures in the electronic world are binding and confidential. Utimaco Safeware’s Personal Device Security division supplies technologies and solutions for mobile security in the areas of high-level authentication including biometric techniques, encryption and integrity checks. Its products and solutions secure data in terminal server and Citrix environments, on the PC, notebook and PDA at the workplace, and on the move. Utimaco Safeware’s Transaction Security division specialises in security solutions for e-business, e-government and e-payment based on its own technologies (telecommunications management systems, hardware security modules, gateways for e-mail security, au thentication and digital signatures, Public Key Infrastructure (PKI) and PKI-enabled applications).