NASA Hastily Enacts Policy to Encrypt Laptops After Another Computer Goes Missing

rated by 0 users
This post has 2 Replies | 0 Followers

Top 10 Contributor
Posts 24,867
Points 1,116,130
Joined: Sep 2007
ForumsAdministrator
News Posted: Thu, Nov 15 2012 11:30 AM
After a NASA laptop containing sensitive, personally identifiable information was swiped from a locked vehicle in NASA’s Washington, D.C. headquarters parking lot on October 31st, NASA officials have banned employees from taking computers containing sensitive information from its facilities and are taking immediate steps to bolster device security.

According to a BBC report, the stolen notebook was password protected but not encrypted, and NASA has warned its employees to be aware of phishing attacks as a result of the theft. In reaction to this latest loss, NASA’s chief information officer Linda Cureton has ordered that all of its computers must be encrypted. The agency has already begun encrypting its laptops, with as many as possible encrypted by the middle of next week and hopefully all of them within a month.

NASA HQ
NASA headquarters in Washington, D.C.

It’s commendable that NASA is taking the extra step to enhance security to protect sensitive data that could pertain to issues of national security, nuclear information, NASA employees, and so on, but it’s alarming that this wasn’t already standard procedure at the agency. Further, this isn’t the first time NASA laptops have gone missing; dozens of them have vanished over the last few years.

Cureton
NASA CIO Linda Cureton (Image credit: Space Safety Magazine)

The October 31st situation involving the theft of the laptop also begs the question of why the NASA parking facility is so insecure that someone could waltz in, break a window or jimmy the door lock (the report didn’t indicate the method of entry), grab a laptop, and walk out without anyone noticing.

We’ll graciously avoid the trope that they can put a man on the moon but can’t enact basic security measures or keep track of a few laptops.
  • | Post Points: 35
Top 10 Contributor
Posts 8,436
Points 102,150
Joined: Apr 2009
Location: Shenandoah Valley, Virginia
MembershipAdministrator
Moderator
realneil replied on Thu, Nov 15 2012 5:55 PM

Obviously not hasty enough,........

What is it that makes these large government organizations ignore security measures until it's too late? Had they never thought to encrypt sensitive DATA before?

I guess it's not just the government, I remember Sony's server security breakdowns snowballing across the news not too long ago,.......

 

Don't part with your illusions. When they are gone you may still exist, but you have ceased to live.

(Mark Twain)

  • | Post Points: 5
Not Ranked
Posts 2
Points 10
Joined: Nov 2012

I'm sure if they ask nicely they will be brought back(=

  • | Post Points: 5
Page 1 of 1 (3 items) | RSS