Feds' Edict To Encrypt Hard Drives Gets -- You Guessed It -- Ignored

from the surprise! dept

Back in May, the Transportation Security Administration did its best to gloss over the fact that it lost a hard drive containing personal information on some 100,000 of its employees by putting out a press release about it at 7 o'clock on a Friday evening. Now, a few months later, it's disclosed that the drive wasn't encrypted (via Threat Level), in contravention of a White House order from last summer saying that all devices containing personal data need to be encrypted if they're taken outside secure areas. As we've noted, these sorts of edicts and guidelines are meaningless unless they're actually followed, and non-compliance brings real repercussions.

Filed Under: data breaches, identity theft
Companies: tsa


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Brian, 18 Jul 2007 @ 9:23am

    SailorRipley

    COE - common operating environment = all of our laptops and PC's are essentially the same eqpt running the same image. You see that in every large organization. If you treat every machine on a case by case basis, you just doubled the cost (and my staff).

    Why do you need a fully encrypted drive? Ask the NIST, not me. I believe "ease of use" is the primary factor (from my point of view at least, I'm sure those 4 levels above me would differ). It's much easier to explain to a user that they now need to log in one extra time when the PC boots than it is to train them to use encrypted stores. Not to mention what data needs to be encrypted and what doesn't. One note- none of our users have personnel data, I'm talking about sensitive/proprietary design data for ships and weapons systems (and not classified data - that has it's own policy universe)

    One thing I think we all take for granted here is user savvy (or the lack of it). If all the users were computer experts, I'd be out of a job. For the majority of my users (3000+ at last count), all they really know is their next deadline and how they'll never meet it if they experience even a small glitch.

    It's

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.