Army plans to encrypt data on notebooks
Policy also will call for inventory of mobile devices
- By Dawn S. Onley
- Aug 24, 2006
'Data at rest is data at risk. Don't be the one who loses that notebook computer and the data on it is not encrypted,' said Lt. Gen. Steven Boutelle, Army CIO.
The Army is kicking off a pilot program to begin encrypting data on notebook computers.
Lt. Gen. Steven Boutelle, Army CIO, said the service would also soon release a policy that instructs Army personnel to perform an accounting of notebooks and other mobile devices.
Both efforts are in response to data breaches that occurred in the Energy and Veterans Affairs departments, Boutelle said. The intent is to easily determine if a computer has been stolen and to encrypt data so information on that computer is protected.
The Army must take a proactive role to secure mobile systems and can't wait for the next newspaper article to appear on another federal data breach, Boutelle told attendees last week at the Army LandWarNet Conference in Fort Lauderdale, Fla., sponsored by the Armed Forces Communications and Electronics Association. The theme of the conference is 'Delivering Joint Integrated Solutions to the Warfighter Today.'
'We're going to give you guidance in the next few weeks to immediately identify all your notebook computers,' Boutelle said. 'Data at rest is data at risk. Don't be the one who loses that notebook computer and the data on it is not encrypted, after you've seen what's happened to the other federal agencies.'
Once the guidance is released, the Army will require users to put a sticker on each notebook computer and mobile device, to categorize equipment by mobile device versus non-mobile and to label appropriately, and to halt the practice of removing mobile computers from secure areas unless the data on the systems is protected. Among the Army's accepted encryption software programs are those from PointSec Mobile Technologies Inc. of Lisle, Ill., and Credant Technologies Inc. of Addison, Texas, and Microsoft's Encrypting File System.
'I know what I own now. Now it's my job to manage it properly,' Boutelle said.
Pete Morrison, who runs federal operations for Credant, said the high-profile data breaches at Energy and VA brought the issue to the forefront with Army officials. He said there will always be incidents with stolen laptops. Credant products encrypt the data so thieves don't gain access to critical data, Morrison said.
'We protect the device even if you don't know it's lost,' Morrison said. 'This part of security is suddenly becoming very important.'