IBM has allegedly issued a worldwide ban against the the use of removable drives, including Flash, USB, and SD cards, to transfer data. This new policy is being instituted to prevent confidential and sensitive information from being leaked due to misplaced or unsecured storage devices.
According to a report by TheRegister, IBM's global chief Information security officer Shamla Naidoo issued an advisory stating that the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).”
This advisory further stated that this policy is already in effect for some departments, but will be further enforced throughout the entire company.
TheRegister's reporting says the reason for this stricter policy is to prevent "the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimised."
Instead, IBM employees are advised to use IBM's "sync ‘n’ share" service to transfer data between employees and devices.
In today's constant reports of data leaks, theft, and privacy breaches, it is not surprising for a company to want to secure their data and to do so in a way that they can keep track of where it goes and who has it. At the same time, strict policies like this can be a huge headache for a company's IT department that routinely relies on removable storage to transfer installation files, drivers, firmware, patches, and utilities between computers.
At this time, it is not know if this new policy will strictly be for data files or for all files including those used by IT support. Bleeping Computer has contacted IBM for comment and was told "We regularly review and enhance our security standards and practices to protect both IBM and our clients in an increasingly complex threat environment."