After a NASA
laptop containing sensitive, personally identifiable information was swiped from a locked vehicle in NASA’s Washington, D.C. headquarters parking lot on October 31st, NASA officials have banned employees from taking computers containing sensitive information from its facilities and are taking immediate steps to bolster device security.
According to a BBC report, the stolen notebook was password protected but not encrypted, and NASA has warned its employees to be aware of phishing attacks as a result of the theft. In reaction to this latest loss, NASA’s chief information officer Linda Cureton has ordered that all of its computers must be encrypted. The agency has already begun encrypting its laptops, with as many as possible encrypted by the middle of next week and hopefully all of them within a month.
NASA headquarters in Washington, D.C.
It’s commendable that NASA is taking the extra step to enhance security to protect sensitive data that could pertain to issues of national security, nuclear information, NASA employees, and so on, but it’s alarming that this wasn’t already standard procedure at the agency. Further, this isn’t the first time NASA laptops have gone missing; dozens of them have vanished over the last few years.
NASA CIO Linda Cureton (Image credit: Space Safety Magazine)
The October 31st situation involving the theft of the laptop also begs the question of why the NASA parking facility is so insecure that someone could waltz in, break a window or jimmy the door lock (the report didn’t indicate the method of entry), grab a laptop, and walk out without anyone noticing.
We’ll graciously avoid the trope that they can put a man on the moon but can’t enact basic security measures or keep track of a few laptops.