U.S. Government Taking No Chances With Full-Disk Encryption
Finally, a government program regarding technology that I can support. HotHardware has reported in prior articles Seagate Announces Encrypted Hard Drives for Notebooks and How To Turn Your Stolen Laptop Into A Snitching Doorstop both concerning the issues that are being served by this memorandum.
After story after story of government laptops being stolen and compromised, the U.S. government is making progress in encrypting all information stored on its data devices. On June 23, 2006, a memorandum (PDF) from the Executive Office of the President mandated that all government mobile computers and devices must fully encrypt all data. The document recommends the following actions for all departments and agencies: * Encrypt all data on mobile computers/devices which carry agency data unless the data is determined to be non-sensitive, in writing, by your Deputy Secretary or an individual he/she may designate in writing. * Allow remote access only with two-factor authentication where one of the factors is provided by a device separate from the computer gaining access. * Use a "time-out" function for remote access and mobile devices requiring user re-authentication after 30 minutes inactivity. * Log all computer-readable data extracts from databases holding sensitive information and verify each extract including sensitive data has been erased within 90 days or its use is still required.
The memorandum. Read more here...