Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!

Watching the USB Watch

By Joseph Devine
March 1, 2008
Universal Serial Bus interfaces can prove a way that competitors, visitors and thieves can steal intellectual property.


Intelligent property theft is a major concern of many enterprise chief security officers. There are numerous methods of competitors and countries to steal intelligent property. Some are traditional such as talking with employees to gain information. Some are emerging and based on technology advantages.

Take, for example, the universal serial bus (USB) standard being embedded in numerous appliances and devices.

The USB watch, for instance, can be a useful device for the busy professional. It allows one to carry PowerPoint presentations, documents and even recorded lectures in a small case. Since it is worn as a wrist watch, it is not easily forgotten as with the case of flash drives. The USB watch has varying capacities between 64MB and 1GB.

The newer ones also have a built in microphone, which allows the wearer to record up to 12 hours of audio. This is useful for recording meetings and brainstorming sessions for creative design sessions. If used properly, this device makes document sharing and creative designing much easier and transparent.

A wristwatch with computer memory and a USB port connection can allow a visitor to capture data in an intellectual property theft.

SECURITY RISK

Such a device can also be a security risk if misused by the wearer. It has been our experience that many people do not know such devices exist. That means an intellectual property thief could walk in a corporation, copy some documents from a computer, and leave without being detected. Many managers and scientists receive guests who may add to the design process of a product or be a potential customer. It would be so easy for a guest to spill something or ask for a coffee and then be left with an unattended computer by a helpful employee.

It becomes important for security professionals and managers to read the latest popular magazines and mail order catalogs so as to be aware of such devices. Security professionals should also discuss such devices with human resources, managers, and the general counsel of a company so that proactive policies can be instituted. The time to learn about such devices should not be after a security breach when policies were not in place and prosecuting may become difficult. Without proper policies in place, seizing such a device from a person and searching it may not be possible or if done incorrectly, could cost the company in legal fees and settlements.

Managers and security professionals need to be proactive about learning about technology even if they are technophobes. It takes leadership to form a group to proactively assess such risks.

The inherent risks associated with this device transcend those of just the theft of intellectual property. Virtually all organizations, whether corporate, private or governmental have a legal as well as an ethical responsibility to protect proprietary information.  Therefore, matters related to industrial espionage especially those within the pharmaceutical industry are but a small percentage of the organizational risks being compounded by the evolution of surreptitious technology.  This technology is a concern to the simplest of organizations as well as to the most complex global organizations.

Proprietary information as well as confidential information about employees, clients, patients, students and others is placed at increased risk of theft.  While such a theft may not directly impact the targeted organization it would increase the exposure of these individuals to identity theft.  Numerous instances of the loss and theft of personal information from various federal agencies, financial institutions and others have been reported through the last decade.  While relevant safeguards have been developed to enhance target hardening this device enables the “lone wolf” as well as those acting as part of an organized intrusion to attack from a pedestrian level.  As such, a visiting salesperson, a maintenance worker, a low level security officer, a delivery person or any other such person who is simply a part of the office background noise may in a matter of seconds compromise the very core of a targeted organization.

CLOSER TO HOME

Perhaps even more insidious is the inevitable compromise of sensitive governmental operations.  In a post September 11th environment we naturally focus upon concerns related to homeland security.  While such concerns are clearly justifiable, organizational leadership must also be concerned with protecting matters related to their primary mission.  By their very nature law enforcement organizations acquire and maintain inherently sensitive information and intelligence.  The exclusive nature of this information makes it of interest to the media, to defendants, to organized criminal enterprises and to investigative entities employed by law firms.  It is therefore vital that such organizations protect information relevant to the performance of their mandated statutory responsibility. The theft of sensitive information may serve to endanger law enforcement officers, compromise public safety, compromise victims/ witnesses and as such impede the organizations performance.  Additionally, the protection of the identities of victims of various criminal acts, especially victims of sex crimes is vital.  Maintaining the confidentiality of cases related to official corruption is critical to the integrity of these investigations as well as to protecting those who have been falsely accused.

The USB watch is but another vector capable of compromising the traditional security constructs.  It is yet another evolution of technology that must be identified and constrained through protective intelligence, access control and technological countermeasures.  It is likely that government organizations are well behind their corporate counterparts in identifying and constraining this risk.

Once the policies are in place, the technical security controls can be implemented. The policy editor in Windows XP for example allows USB ports to be disabled on certain machines or to be enabled by a person with an administrator password. Visitors who are left with such unattended machines will not be able to download documents on such USB watch devices. Security cameras and computer logs also can be combed with automated tools for suspicious activities. Good security involves good policy, psychical security, technical security, and awareness training for employees. If we are not aware of the new devices on the market, we will become a victim of them from unethical employees or visitors.  

SIDEBAR: What Is a USB?

Universal serial bus (USB) is a standard to interface computer devices. It allows peripherals to be connected using a single standardized interface socket and to improve plug-and-play capabilities by allowing devices to be connected and disconnected without rebooting the computer. Other convenient features include providing power to low-consumption devices without the need for an external power supply and allowing many devices to be used without requiring manufacturer specific, individual device drivers to be installed.

Intended to help retire all legacy varieties of serial and parallel ports, USB can connect computer peripherals such as mouse devices, keyboards, PDAs, gamepads and joysticks, scanners, digital cameras, printers, personal media players, flash drives and even watches.

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Dr. Joseph Devine is assistant professor, FDU.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Security newswire default

    Business Resilience Trends Watch 2019 Reveals Risk Management is out of Step with the Needs of the Modern Workforce

    See More
  • Woman holding a cellphone

    Attending the Olympics? Watch out for these mobile threats

    See More
  • Watch the Film Here -- Flight 253 Bomb Blast Simulation Shows It Would Not Have Brought Down Plane

    See More

Related Products

See More Products
  • 150 things.jpg

    The Handbook for School Safety and Security

  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • s and the law.jpg

    Surveillance and the Law: Language, Power and Privacy

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing