Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Data breaches, regulations fueling data encryption adoption

Government agencies, banks at forefront of data encryption usage
By Ellen Messmer , Network World , 12/10/2007
  • Share/Email
  • Comment
  • Print

Although data encryption adds cost and complexity, business and government sectors are becoming wedded to it -- even though at times it’s like an arranged marriage driven by regulatory compliance and fear of data-breach fiascos.

“We now require encryption for data at rest on laptops in the Air Force,” says Greg Garcia, member of the senior executive service of the U.S. Air Force and director of the 754th Electronic Systems Group at Gunter Air Force Base in Montgomery, Ala. The group sets security policy for the 500,000 laptops used by the Air Force.

“The contract we awarded for this grew out of what happened at Veterans Affairs,” Garcia points out, alluding to the data-breach fiascos of this year and last that led to millions of veterans’ personal information being exposed on lost and stolen laptops.

The VA data-breach incidents spurred the White House Office of Management and Budget, the Department of Defense and the civilian-side General Services Administration to look at governmentwide approaches for “data at rest” encryption.

The outcome was the U.S. government’s first-ever blanket purchasing agreements (BPAs) for data-at-rest encryption products to protect sensitive but unclassified data on government laptops and removable storage devices.

BPAs were awarded in June to eleven resellers, including Intelligent Decisions, MTM Technologies and GovBuys.

The encryption products on the lists include Mobile Armor’s Data Armor, SafeBoot’s (acquired by McAfee for $350 million in October) SafeBoot Device Encryption, Information Security’s Secret Agent, SafeNet’s SafeNet protectDrive,

Encryption Solutions’ Skylock At-Rest, Pointsec Mobile Technologies’ Pointsec, Syprus’ Talisman/DS Data Security Suite, WinMagic’s SecureDoc, Credant Technologies’ CredantMobile Guardian and GuardianEdge Technologies’ GuardianEdge.

State and local government viewpoint

What’s known as the data-at-rest encryption BPAs are also available for use by state and local governments. The Tennessee Department of Revenue is going its own way in adding encryption to its mobile laptops by deploying Entrust encryption software this fall.

“Our data is very confidential, and we have a mobile workforce of about 300 auditors and revenue officers who travel across the country as well as the state,” says Don Derrick, director of information technology resources. “Our strategy is to encrypt these devices first.”

  • Share/Email
  • Comment
  • Print
Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed