Security

Read all 'IEEE 1667' posts in Security
November 24, 2008 11:07 AM PST

IEEE 1667: One standard worth watching

by Jon Oltsik
  • 4 comments

I've grown rather cynical about industry standards, but I am pretty bullish on IEEE 1667 (aka: "Standard Protocol for Authentication in Host Attachments of Transient Storage Devices"). This standard should improve security and may have other benefits as well.

Here's the thing: We all have a plethora of flash drives, MP3 players, and USB disk drives. Yes, these may be a great way to replicate music or transport files, but they also create a huge security vulnerability. When you plug in the 250GB drive you bought at Fry's Electronics at lunch, you can steal a heck of a lot of data.

When IEEE 1667 is in place, the risks associated with this vulnerability decrease substantially because only authenticated devices will be accepted. I can provide my employees with specific types of IEEE 1667-compliant devices that can be authenticated and used. All others, including that device you bought at Fry's Electronics, won't work. Assuming that you can audit the use of these devices, this provides security without compromising usability--a win-win in the security management world.

Of course, there are things I can do today to address this issue. I can fill USB ports with glue, rendering them unusable. (Don't laugh, lots of people actually do this.) I can turn off all USB ports using configuration software. I can also use some proprietary software that does the same thing as IEEE 1667 with "proprietary" being the key word. These are all-or-nothing propositions.

IEEE 1667 is most promising in this case for one reason: Microsoft is a strong supporter and plans to bake IEEE 1667 into Windows 7.

Once IEEE 1667 gains wide deployment, it may help in areas beyond security alone. For example, ESG Research indicates that only 35 percent of enterprise organizations actually back up user PCs. Seems crazy, but this remains a real problem. When IEEE 1667 takes hold, I can assign all of my users an authenticated encrypting drive like Seagate's BlackArmor device. They can then back up their laptops securely on their own. Think of the benefits: Costs are relatively low (one device per user), security remains tight, and I have don't have to invest in incremental network bandwidth, backup servers, tape drives, or IT administrators.

There are a few other standards that compete with IEEE 1667, but I hope Microsoft's support causes them to fade away. Let's all follow Redmond's lead in this case for the greater good.

Topics:
Privacy and data protection
Tags:
IEEE 1667,
BlackArmor
Share:
Digg
Del.icio.us
Reddit
  • prev
  • 1
  • next
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

Most Discussed



advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET