In yet another instance of high-profile data loss, the National Aeronautics and Space Administration (NASA) has announced that a laptop containing unencrypted, sensitive data was stolen. Ahead of a final determination of the extent of the data exposure, NASA has warned its 300,000 employees and contractors to be extra cautious and that they may be at risk for identity theft.
As a result of this theft and previous data exposure incidents, the organization has established a new policy that all laptops will be encrypted from this point forward, and until the encrpytion can be enforced, all laptops with sensitive data can no longer be removed from NASA facilities.
What this means for you:
The NASA laptop in question was password protected, but you may not be aware that gaining access to data on a password-protected laptop is trivial when you have the actual device in your physical control. Though it does add overhead to overall performance of laptops, encrpyted data partitions or even full-drive encryption is the only way to truly safeguard data on mobile devices, and a compromise that savvy organizations are willing to make in order to allow their knowledge workers the mobility required in today’s technology environment. If you or your knowledge workers work with sensitive data, whether it be employee records or client data, you should review your organization’s privacy and security policies to ensure you are properly protecting yourself from a damaging security breach and data loss.