Feds' Edict To Encrypt Hard Drives Gets -- You Guessed It -- Ignored

from the surprise! dept

Back in May, the Transportation Security Administration did its best to gloss over the fact that it lost a hard drive containing personal information on some 100,000 of its employees by putting out a press release about it at 7 o'clock on a Friday evening. Now, a few months later, it's disclosed that the drive wasn't encrypted (via Threat Level), in contravention of a White House order from last summer saying that all devices containing personal data need to be encrypted if they're taken outside secure areas. As we've noted, these sorts of edicts and guidelines are meaningless unless they're actually followed, and non-compliance brings real repercussions.

Filed Under: data breaches, identity theft
Companies: tsa

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Enrico Suarve, 18 Jul 2007 @ 2:04am

    Re: not as easy as it sounds

    And all the others who said the same basic thing

    Sing it loud brothers!! - I feel your pain

    The problem with large scale IT support is there are always a million experts who have a friend that did it once on their home system for a few bucks or with open source software so it must be easy

    Yeah right - the trick to large scale IT support isn't gadgets, hardware, flashy software etc. It's picking the right *solution* to support the business both during and after the rollout. The software usually has to be vendor supportable, open source has the distinct disadvantage that its source code is open to all (so not great for a security app you are relying on), and that in my experience if you end up with a problem that is almost unique to your build (not too uncommon) you are basically alone

    You have to be able to plan a rollout which will not stop the business dead in its tracks, if you're 24x7 this can sometimes mean installing temporary clusters and almost always means shit loads of overtime. On the subject of clusters - you probably want to test in a model office environment what happens if one half of the cluster is encrypted but not the other....

    For a major mid-high risk rollout like this (I don’t know of an encryption project that didn't screw up some drives) you need to invest time in communication - otherwise you end up with exactly what Brian states users panicking and backing up data to their MP3s. Hell if you are sensible you probably want to ensure you have some form of workstation backup solution before you go about this, or at least a few fast USB hard disks to do temporary backups at the users side before going ahead (which again requires more staffing, business disruption etc)

    You'll want to make sure your support staff have adequate training in how to work the software, diagnose faults with it or are even basically aware of it - this includes your helpdesk – how are they going to support remote users?

    On the subject of backups as already mentioned you need to make sure that you can backup encrypted disks so more testing - I reckon you'll probably also want to see what happens if you need to roll back due to a fault and your full backup is unencrypted but the incrementals aren't

    On that note - roll back plans....

    I'll stop, but you get the idea, there is a shit load more to consider in a large rollout of this level of software than most people initially think and almost every aspect involves increased cost and/or business disruption. The faster you want to go, the deeper pockets you need

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.