By Andre Muscat, Product Manager at GFI Software

Ever since the emergence of iPod back in 2004, GFI and other experts including Gartner analysts, Ruggero Contu and John Girard have been warning that iPods are a potential danger to the corporate network. On October 18, 2006, it came to light that a number of virus-infected Apple iPods have been rolled out of the manufacturing plant during the past month. According to Apple, less than 1% of video iPods shipped since September 12 have been dispatched to their destination carrying a computer virus known as RavMonE.exe (also know as Win32/RJump.A, Worm.RJump, and Backdoor.Rajump amongst others). RavMonE.exe is a worm that opens a backdoor on Windows based systems and spreads by coping itself to portable storage drives such as USB sticks, digital cameras, external hard drives and open shares.

Corporate repercussions
The threat that portable storage devices pose to corporations and organizations is often underestimated. Easy access to portable music players, PDAs, mobile phones and digital cameras has exponentially increased the risk of infection and drastically decreased business continuity. iPods and other portable storage devices are popular, fashionable, inexpensive, heavily promoted and freely available in today’s society. These factors, plus a lack of security awareness are all major contributors to the tremendous wave of malevolent threats that are hitting corporations; making them legally liable to hefty fines or even bringing many businesses to a halt – no matter the size, no matter the industry, no matter the revenue!

This recent video iPod case has raised the alarm at how quickly a virus infection can spread on a corporate network. In order to ensure business continuity and legal compliance, corporations must counter virus infections by focusing their efforts on effective security risk management.

The days of conventional counter measures are over. Relying on voluntary compliance is not the best option anymore: Malicious insiders and gullible employees who fall for social engineering practices are the weakest link in the corporate security chain. Furthermore, anti-virus solutions are reactive rather than proactive as they usually detect issues after your system has been infected and the damage has already been done!

The proactive solution for your network
Risk management is the only effective solution to counter portable device threats by deploying software barriers that control portable storage device usage on your network. GFI Software, backed up by several years of network security research, has developed a solution to counteract such portable storage device threats – GFI EndPointSecurity!

GFI EndPointSecurity is the permanent solution which allows you to effectively control entry and exit of data via portable storage devices including iPods. This prevents users from taking confidential data or introducing viruses and other malicious software such as RavMonE.exe to your network. GFI EndPointSecurity allows you to discriminate between legitimate and illegitimate use of portable devices, in compliance with the custom security policies set up by your corporation! No matter the level of security awareness in your corporation – GFI EndPointSecurity is the 24/7 vigilant eye against all risks posed by portable storage devices! For more information and to download the product, one can visit http://www.gfi.com/endpointsecurity/.

Andre Muscat is the Product Manager for the network security products division at GFI Software (www.gfi.com). He is responsible for leading the design and overall customer experience of the network security product range which includes GFI EndPointSecurity, GFI EventsManager and GFI LANguard Network Security Scanner. During his nine year career with GFI, Andre has worked closely with fellow security and development professionals which led to the authoring and release of various versions of the security products released by GFI Software, concept prototypes, reporting technology, training material, whitepapers and article contributions on network security and risk assessment topics. Andre Muscat can be contacted at andre@gfi.com.

This article was written by GFI Software. All product and company names herein may be trademarks of their respective owners.