Although data encryption adds cost and complexity, business and government sectors are becoming wedded to it -- even though at times it's like an arranged marriage driven by regulatory compliance and fear of data-breach fiascos.
"We now require encryption for data at rest on laptops in the Air Force," says Greg Garcia, member of the senior executive service of the US Air Force and director of the 754th Electronic Systems Group at Gunter Air Force Base. The group sets security policy for the 500,000 laptops used by the Air Force.
"The contract we awarded for this grew out of what happened at Veterans Affairs," Garcia points out, alluding to the data-breach fiascos of this year and last that led to millions of veterans' personal information being exposed on lost and stolen laptops.
The VA data-breach incidents spurred the White House Office of Management and Budget, the Department of Defense and the civilian-side General Services Administration to look at governmentwide approaches for "data at rest" encryption.
The outcome was the US government's first-ever blanket purchasing agreements (BPAs) for data-at-rest encryption products to protect sensitive but unclassified data on government laptops and removable storage devices.
BPAs were awarded in June to eleven resellers, including Intelligent Decisions, MTM Technologies and GovBuys.
The encryption products on the lists include Mobile Armor's Data Armor, SafeBoot's (acquired by McAfee for US$350 million in October) SafeBoot Device Encryption, Information Security's Secret Agent, SafeNet's SafeNet protectDrive,
Encryption Solutions' Skylock At-Rest, Pointsec Mobile Technologies' Pointsec, Syprus' Talisman/DS Data Security Suite, WinMagic's SecureDoc, Credant Technologies' CredantMobile Guardian and GuardianEdge Technologies' GuardianEdge.
State and local government viewpoint
What's known as the data-at-rest encryption BPAs are also available for use by state and local governments. The Tennessee Department of Revenue is going its own way in adding encryption to its mobile laptops by deploying Entrust encryption software this fall.
"Our data is very confidential, and we have a mobile workforce of about 300 auditors and revenue officers who travel across the country as well as the state," says Don Derrick, director of information technology resources. "Our strategy is to encrypt these devices first."
The two Entrust software products, Entrust Entelligence Disk Security and Media Security, costs US$149 and US$28 per licensee, respectively. The department cannot afford to give encryption software to all its employees, although the department now requires encryption to keep personal financial information protected on a mobile computers carried from place to place.
"This is our policy now, and if you're writing to a DVD or CD to be given to a citizen, any confidential data has to be encrypted there too," says Derrick. The citizen would get a password courtesy of Tennessee to decrypt the data.
While the agency didn't decide to deploy encryption specifically because of the VA data-breach incidents, Derrick acknowledges it's hard to forget them.
- +
Ticked Off at Tick the Box Mentality 04/02/2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients? - +
Toxic Mix or Bit of a Mixed Blessing? 31/12/2007 10:36:30
“Eye of newt, and toe of frog, Wool of bat, and tongue of dog . . . ” The inter-generational office brew of Boomer, Gen X and Gen Y may not be quite as odious as that of the three witches in Shakespeare’s Macbeth, but even so it makes “for a charm of powerful trouble”"Eye of newt, and toe of frog, Wool of bat, and tongue of dog . . . " The inter-generational office brew of Boomer, Gen X and Gen Y may not be quite as odious as that of the three witches in Shakespeare's Macbeth, but even so it makes "for a charm of powerful trouble"
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Mitel Launches Simpler Unified Communications 2008-11-19 17:40:00+11
Symantec Security Products Shine in In-Depth Protection Reviews 2008-11-19 13:01:00+11
Digital Sense opens first stage of the world’s largest data centre complex in Brisbane 2008-11-19 13:00:00+11
RightNow Technologies Delivers RightNow November ’08 Plus New On Demand Enterprise Contact Centre Package 2008-11-19 12:00:00+11
Valorem uniquely deploys RSA SecurID for remote workforce management 2008-11-19 10:16:00+11
Best Practice in Building an Integrated Information Management Strategy
Discover the business value that creating an integrated information platform can bring. Learn how to provide consistent, accurate information to all stakeholders within your business network. Integrate vital data from disparate sources and deliver a trusted information foundation. Read on to uncover the stepping-stones to your new information management strategy.
Buying Guides
Buying Guides
