In a note to staff, IBM global chief Information security officer Shamla Naidoo said the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices such as USB, SD card, flash drives”.

Some parts of Big Blue have been following the policy for a while, but  Naidoo said: “over the next few weeks we are implementing this policy worldwide.”

Naidoo said that the drives had to be banned due to the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices

IBMers are advised to use Big Blue’s preferred sync ‘n’ share service to move data around, but the advisory admits that the move might be a pain for some.

IBM staff need to download patches so they can be installed on devices they manage for clients and bootable USB drives are one means of installing those patches, and Big Blue even suggests to its users installing Linux on Power 9 users to use a USB key.

Word on the street is that there are some staff who are being granted exemptions. Still, it does show other companies that the flash drive problem is a significant issue that needs to be addressed