On my company's intranet site...
On arriving outside the office a colleague saw a person pick up a company branded USB memory stick from the pavement. The person handed the USB stick to the employee and said that it looked like someone from your office had dropped it.
The colleague took the device and promptly plugged it in to his computer to see if he could see any files to identify the owner.
Of course the device had some nasty malware on it and the virus checker had not stopped it.
Our company does not use branded memory sticks anyway and the ones we do use are password protected / encrypted.
I was in Colmore Row (Brum) last week and an IT bod confirmed that it was true and caused a lot of trouble, though the colleague is just "embarrassed" and not disciplined - they want people to admit when these things happen and not hide the fact.
Most laptops and PCs have USB drives disabled but a few are active for users that receive large files from clients.
We have previously had criminals gaining employment as staff with our outside building maintenance contractors who were refurbishing offices fit key loggers to desktop PCs.
|