From the “you think you have problems” file comes news that The United States State Department does not have an accurate accounting of its laptop computers, including laptops with classified data, and has failed to encrypt machines as it is supposed to do by July 2008 in order to protect sensitive information. This is from a new report by the department’s inspector general.
State Department Laptops Not Encrypted
According to this report released by the Inspector General for the Department of State, half of the laptops issued at the State Department are not encrypted. To add insult to injury, eight percent of the laptops cannot even be located! More problematic is that the State Department had issued its own mandate to have all of their laptops secured with laptop encryption software by July 1, 2008 – a goal they clearly missed!
This data was collected by a study of a sample of laptops – so the real numbers could be even higher! A study of a sampling of 334 State Department laptops revealed that 27 laptops were missing (8%), and that 172 of them were not encrypted. Included in the unencrypted group were 14 classified laptops, of which 9 were actually identified as potentially containing “secret” data!
The report notes that it’s not possible to tell whether the missing 27 laptops were protected via hard disk encryption or not, since there is no system in place to track which computers were protected. Officials, of course, claim that there was no sensitive information on these missing computers – but there is no actual documentation or tracking to be sure.
Administering Encryption – Alertsec Xpress Value
The State Department is no different than most large organizations. They have so many computers – especially mobile computers – that it is just hard to track everything! They have systems designed to track static equipment and with today’s technology it is easily movable. They have over 30,000 employees and so that means even more computers (labs, training rooms etc) and probably half of those are portables or netbooks.
Keeping track of 15,000 of laptops is not an easy task managing encryption keys could well be nothing short of impossible. An encryption solution like Alertsec Xpress offers a great solution to companies and organizations with laptops galore – especially those with staff in multiple locations.
With encryption over the Internet, Alertsec Xpress makes it easy to distribute the encryption software. The laptop user/owner can simply download the Alertsec Xpress software while connected to the internet, and with just a few clicks ensure that their computer is encrypted. This distributed installation model means IT staff do not need to actually visit the computers to install the encryption software.
Alertsec is then your centralized hub for controlling the encryption status of machines. Alertsec and your staff with administrative access can identify whether a machine has been encrypted. When you subscribe to Alertsec Xpress, a customer account is created on the Alertsec Xpress website through which the coordinator will deploy and manage his users. The coordinator will also be able to uninstall the security software on specific users through this account
Encryption Lessons
In 2000, disciplinary action was recommended against six State Department employees in connection with the disappearance of a classified computer from the department’s Bureau of Intelligence and Research. Clearly the State Department has not learned its lessons when it comes to laptop security.
Meanwhile thousands of users at businesses worldwide are being safely and easily protected with Alertsec Xpress. The solutions are available and affordable for those organizations that are ready to step up and make security a priority.
What these organizations need is a management system which can track and record the location of these laptops. Or a central server which can instruct the laptop to “self-destruct” or delete all secret files when reported stolen. It will put everyone at ease.
That is one of the advantages of encryption – when somebody else gets the laptop/computer they can not access any files on the hard drive without the right access. There is no need to delete the secret files as nobody can gain access to them!
Great blog. This is one of the most incredible grad eu post Ive read in a very long time. The amount of information in here is stunning great, like you practically wrote the book on the qxbid subject. Your blog is nice for anyone who wants to understand this subject more. Great stuff; please keep it up with great bloging град.eu!