SEC seeks encryption sources

The Securities and Exchange Commission seeks sources for encryption of all user data on all agency laptops and portable media devices from GSA Schedule holders.

SEC requires that the product encrypt the entire hard disk so that if a disk were pulled and analyzed, it would be unreadable, the securities agency said in a posting on FedBizOpps.

Responses are due Aug. 25.

The Office of Management and Budget issued a memo in June requiring agencies to encrypt data running on laptops and other portable media that contain personally identifiable information. The deadline was Aug. 7.

The application must ensure that encrypted volumes, including the operating system, are only accessible after the user enters a pre-operating system password to decrypt the volume. The product must encrypt all removable media upon connection to the system and to let the system administrator refuse to mount a device for which the user has canceled encryption.

Among SEC's management and recovery requirements, the encryption product must let enterprise policies be centrally configured and be fully integrated with Active Directory for managing policies and user authentication.

The encryption product also must support single-sign on technology, so users only log into the bios-encryption application.

The product must be able to encrypt all portable media storage devices, including USB thumb drives, floppy disks, writable DVDs and CDs, and personal digital assistants' technologies.

About the Author

Mary Mosquera is a reporter for Federal Computer Week.

inside gcn

  • Congressman sees broader role for DHS in state and local cyber efforts

    Automating the ATO

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group