Martin Allen MD of security firm Pointsec Mobile Technologies, checks out the MP3 threat to corporate data networks...
Once again the problem of mobile device security is raising its head.
Like it or not, the miniaturisation of disk storage technology means that the amount of data that can be stored on mobile devices continues to climb.
The solution often seems simple - ban them.
That would mean, however, banning all USB flash devices and requiring employees to leave their personal phones, PDA's and MP3 players at the office door.
This Christmas MP3 play-ers were the hottest and most popular present with recipients quickly finding out how excellent they are not just for storing music but also for lots of data. Even the £20 MP3 players can store 256MB.
At the top end of the market, digital jukeboxes with storage of 20GB start at under £150 while a 60GB Apple iPod Video player can be had for just £300.
That is the same storage capacity as a lot of corporate notebooks.
What makes this market even more dangerous is the number of devices that IDC estimates will have been sold by the end of 2005. European sales of devices with a capacity of less than 4MB will top 20 million, while the larger MP3 jukeboxes and video players will exceed five million.
These numbers are more than twice the sales for 2004 and while the growth will slow during 2006, higher capacities and the introduction of large scale storage in devices such as Smartphones will continue to push the market forward.
While these devices are aimed at a consumer market, there has already been an increase in their use within the corporate environment and this is set to increase as more people recognise that they are ideal for listening to corporate presentations on the move.
Others might use them to listen to audio books or even watch training courses. In meetings, the MP3 player has already replaced the mini tape recorder due to battery life, capacity, ease of file storage/sharing and cost.
Consumers want to use these devices on their corporate networks today to down-load content.
While there are figures showing that some of this content is illegal, there has been a big move towards legal content.
One of the drivers of this has been the strengthening of the audio book market. Whereas, just a few years ago it was novels or self-help books that dominated the audio space, now there is a huge array of general business books on the market.
This market is also being targeted by educational publishers who are moving their existing content into a new market.
For these publishers, getting users to play "skills enhancement" books on MP3 players is as much a B2B as a B2C play.
Then there is the big emerging market of the year - Podcasting.
In the same way that the DVD recorder and Sky+ box have revolutionised the way we handle the time-shifted world of television, Podcasting is doing the same for audio and it seems everyone is doing it.
In the UK, the most popular Podcast is the BBC Radio 1 breakfast show. Unsurprisingly, it is most often down-loaded during the day, probably by people who missed it while travelling into work.
It is not just audio that is driving the Podcasting market. The BBC and several other channels have committed to putting their TV programs out via broadband.
They are also allowing them to be downloaded from websites. As this requires a reasonable bandwidth to get several programs, it is not unreasonable to expect that this will often be done at work.
The mobile video market has no doubt been helped substantially by the entrance of Apple with a video iPod.
However, there are numerous other vendors, such as Archos, that have had high capacity video jukebox players for a number of years now.
The storage in these devices is set to soar with the introduction of new perpendicular disk drives. We are already seeing the first 160GB disk drives and they will only get bigger.
While this is ideal for very high quality video it also poses a massive and significant risk to corporate data.
The capacities at this high end equate to a laptop drive. This means that vast amounts of corporate data can be removed on a small consumer device that sits in the pocket.
Introducing measures to prevent such devices from connecting to corporate resources are failing.
As fast as vendors bring out software to identify and block the devices, device manufacturers and software companies are releasing utilities to hide the devices from network administrators.
There are no anti-virus, anti-spyware programs for the majority of these devices although software to protect Smartphone's is beginning to appear.
With multiple connection points for the mobile device, corporate desktops and laptops MUST be updated with the relevant software.
As the capacities increase, another measure, if these devices are to be tolerated, is to introduce transfer quotas.