Shamla Naidoo, IBM global chief Information Security Officer, has recently announced that the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).”
The new rule has been released in an advisory to all employees reported by The Register and, though it has been a policy only for some IBM branches, the company will implement it worldwide within the next few weeks.
Why are they taking these measures just now? Well, better late than never, it seems. IBM is starting to realize that “the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimised.”
This is their way of doing it.
Unfortunately, IBM staff sometimes need to use USB drives in order to download patches, which hints at how disruptive the move will be for the employees who have taken it for granted so far. We’ll have to wait and see if the company can enforce such regulations without causing an uproar.