NASA orders full-disk encryption after laptop theft

Powered by SC Magazine
 

Employee data leaked.

Space agency NASA is tightening IT security after a laptop with large amounts of personally identifiable information on its employees was stolen from a locked car in October.

An email from NASA headquarters, published by SpaceRef, says that while the laptop had password protection, the information stored on it was not encrypted.

NASA's IT adminstrator Richard Keegan said that his office is "extremely concerned about this incident" and the agency is now taking steps to mitigate the serious data breach, including mandating full-disk encryption of all portable computers.

"The Administrator and the Chief Information Officer (CIO) have directed that, effective immediately, no NASA-issued laptops containing sensitive information can be removed from a NASA facility unless whole disk encryption software is enabled or the sensitive files are individually encrypted," the email stated.

By December 21, all NASA laptops must have full-disk encryption. Those that do not have it will be withdrawn from service, the agency said.

A data breach specialist, ID Experts, will assess the extent of the issue and write to the affected individuals.

NASA also warned that there may be attempts at identity theft in the aftermath of the data breach.

"All employees should be aware of any phone calls, emails, and other communications from individuals claiming to be from NASA or other official sources that ask for personal information or verification of it.

"NASA and ID Experts will not be contacting employees to ask for or confirm personal information. If you receive such a communication, please do not provide any personal information".

Copyright © iTnews.com.au . All rights reserved.


NASA orders full-disk encryption after laptop theft
 
 
 
Top Stories
The ethics of security
[Blog post] Where did that zero-day go?
 
Rio Tinto's big data play delivers promised ore
Returns trickle in from long-term technology investment.
 
Time management tips for CIOs
[Blog post] How to get to the genba.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  10%
 
Denial of service attacks
  6%
 
Insider threats
  11%
TOTAL VOTES: 1148

Vote