Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
NASA Encryption Government Privacy Security IT

NASA To Encrypt All of Its Laptops 226

pev writes "After losing another laptop containing personal information, NASA wants to have all of its laptops encrypted within a month's time with an intermediate ban on laptops containing sensitive information leaving its facilities. Between April 2009 and April 2011 it lost or had stolen 48 'mobile computing devices.' I wonder how long it will be before other large organizations start following suit as a sensible precaution?"
This discussion has been archived. No new comments can be posted.

NASA To Encrypt All of Its Laptops

Comments Filter:
  • by wbr1 ( 2538558 ) on Thursday November 15, 2012 @11:56AM (#41992019)
    Why is this not done already? Between truecrypt and (ack) bitlocker,it s relatively easy. Add in a robust backup system, which any organization should have already, and it is cheap and fairly easy to implement.
  • truecrypt (Score:2, Insightful)

    by X0563511 ( 793323 ) on Thursday November 15, 2012 @11:56AM (#41992021) Homepage Journal

    For the lazy it does the job well. No need spend budget on it.

  • AAARRRRGHHH (Score:5, Insightful)

    by MrLint ( 519792 ) on Thursday November 15, 2012 @12:19PM (#41992319) Journal

    NONONNONONONO

    This is not how you deal with an incident like this. You have to reexamine your infrastructure and find out *why* that info was on an endpoint to begin with. This is teh same BS kneejerk reaction that makes for bad IT planning. Just go and wallpaper of it with a band-aid and look all betterer.

    HULK SMASH!!!!

  • by TechyImmigrant ( 175943 ) on Thursday November 15, 2012 @12:24PM (#41992391) Homepage Journal

    >Yep, you've got to have a documented practice to keep track of the recovery keys encryption programs generate.

    No. I work in a big corp. If I die, my FDE password dies with me and the data is gone. Real data is held on servers and managed. A PC is just an access device.

  • by Culture20 ( 968837 ) on Thursday November 15, 2012 @12:43PM (#41992647)
    Resources == salaries. Do you pay two IT guys or an engineer/scientist?
  • by NumenMaster ( 618275 ) <`calcmandan' `at' `gmail.com'> on Thursday November 15, 2012 @12:57PM (#41992799)
    Funny enough right? How is it not STANDARD practice? I work for a really small state agency and that's the FIRST thing we do after imaging our laptops. It's been our policy for years. I'm so awestruck at the news.
  • by geekoid ( 135745 ) <dadinportland@nOSpaM.yahoo.com> on Thursday November 15, 2012 @01:50PM (#41993359) Homepage Journal

    They have a finite pool of money. Putting something in IT takes money from the finite pool.
    The poster is correct, ti's about priorities.
    Since that vast majority of information NASA has is useless to anyone not in a space agency, it seems this was a good priority of limited funds.

  • by Anonymous Coward on Thursday November 15, 2012 @02:12PM (#41993599)

    Because encrypting data is like putting it in a black hole, from which it might never return. If you lose your password, THAT'S IT! GONE!

    For a technically competant user base, like (i'd like to assume) NASA employees probably are, go for it!

    But for people who struggle with Microsoft Word and basic e-mail? Well... uh... let's just say an organization might want to perform an analysis of how many times their employees call in for password resets. There will likely be a strong correlation between data loss and password resets.

    Sure, the data might not fall into the wrong hands anymore, but with statistics for every lost laptop, add ON TOP OF THAT data that's effectively destroyed by users getting locked out of their own encryption. That could ALSO be very costly in terms of lost man-hours, and possibly an unnecessary risk depending on how much sesnsitive data you REALLY deal with.

  • by luis_a_espinal ( 1810296 ) on Thursday November 15, 2012 @02:38PM (#41993931)

    This is not a new policy. The implementation of full disk encryption has been underway for some time. We are doing laptops first, then desktops. The current fire drill is because a laptop with PII was stolen at NASA HQ and it was one that had not yet had full disk encryption installed.

    NASA IT staff are as overworked and under appreciated as anywhere. If NASA had wanted full disk encryption done sooner, they could have added the resources to make it happen. And that would have taken resources from missions, like Curiosity and the James Webb telescope. It's all about priorities.

    But therein lies the problem. It should not be underway for some time. It should have been in place as an iron-fist de-factor rule a long time ago.

    I sympathize with you and the other IT folks. Underfunded and under appreciated IT and dev folks alike. It is shitty, and I know what it's like (been there, don't that.) But, to not have laptops encrypted? To furnish unencrypted laptops? There is some serious break-ups there man. Why? Because, however overworked your team might be, I have a hard time believing that IT will furnish an un-imaged laptop, as-is from the vendor/supplier, to the user. I'm sure IT images the laptops, so it stands to reason that the imaging will include encryption.

    If the laptops are being furnished as-is from the vendors, that's a fuck-up.

    If the laptops do get imaged, but do not get encryption, that's also a fuck-up.

    Any government agency has some type of security and information assurance program and guidelines. And in them, encryption of laptops must be there somewhere. If that is the case, then it is a IT fuck-up. If it is not, then it is a IA fuck-up.

    I'm not necessarily blaming you or any specific IT person, but this is a serious crap-o-lah that goes against what is pretty much standard practice with any agency or defense contractor (I work for one), or even for commercial companies. It's simply crazy.

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Thursday November 15, 2012 @04:03PM (#41995073)
    Comment removed based on user account deletion

A slow pup is a lazy dog. -- Willard Espy, "An Almanac of Words at Play"

Working...