NASA Plans to Encrypt All Laptops
The agency said that no NASA notebook can leave NASA facilities unless full disk encryption is enabled or the files that contain sensitive information are individually encrypted.
NASA has initiated a program to encrypt all notebooks until November 21. Computers without whole disk encryption cannot be taken off NASA premises anymore. Teleworkers are advised to use loaner notebooks instead of NASA devices.
While NASA has not provided details about the theft, it apparently has been an event that is affecting a significant number of people. The laptop, which was stolen from an employee's locked vehicle apparently contained "records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors, and others."
An email sent to NASA employees stated that the computer was password-protected, but did not have whole disk encryption, which indicates that the data "could be accessible to unauthorized individuals."
Practically uncrackable unless you have huge resources, in which case stealing the laptop would be the easy part.
Damn you. Now I have to change the combination on my luggage.
A secretary may have important PII and travel and calendar details for the executive that she supports. Do not overlook the importance of data and how it could be very valuable to the right people.
Full disk encryption should be relatively easy to put in place. I know that the 50,000 employees at my company all cope with it without any major issues....(just don't plug in a esata drive....the brilliant encryption software thinks it is internal and encrypts it for you....making it only visible on that laptop)
Chances are there were sections / departments that had DAR and fully disk encryption put into place. This is just an agency wide policy change, now local IT managers don't have the option of going without it to appease seniors officials.
what?
Actually, it will. You can image new laptops to come with Bitlocker, for example. Set the password requirement to contain at least a combination of a fair amount of letters/numbers/symbols, etc. Enforcing a proper password isn't all that hard, loads of IT guys are simply to laid back to go against managers who complain about password policies.
After that it's simply a matter of encypted systems becoming inaccessible after entering the wrong password to many times.
Nasa>space>Aliens...
Nah probably dont want everyone to know they dont really do anything in there
So after November 2st the encryption can be removed ?
Shouldn't it read "to encrypt all notebooks by November 21." ?
Just curious, as I am not a native English speaker, as to whether or not my grammar is off.