What NASA's stolen laptops mean for your security
(MoneyWatch) NASA recently admitted that it has had no fewer than 48 of its laptops lost or stolen in the last several years -- between April 2009 and April 2011. Indeed, at least one of those laptops actually contained codes for controlling the International Space Station.
That wouldn't be so bad if, as you might expect, the laptops were all encrypted. Unfortunately, that's not the case: Not a single one of the 48 stolen PCs were protected, meaning that all of the data stored on them is easily accessible. NASA admits, in fact, that a mere 1 percent of its laptops are encrypted. Worse, there's no mechanism in place to force employees to encrypt their laptops, nor can IT push encryption requirements down. The entire organization appears to be at risk, with no policy or process in place to drive security.
So what actually is at risk? All the usual stuff: personal information like social security numbers, contact information and possibly even payroll data. But there's also critical intellectual property information like project data, control codes, patents and more.
Your business probably doesn't control a space station, but all that should sound familiar: Substitute control codes and patents for line of business apps, critical corporate secrets, and, well, patents, and you've probably described the sorts of data on your own laptops. Are they encrypted? If not, they should be. And you have no excuse not to, since Microsoft offers BitLocker with both the Enterprise and Ultimate editions of Windows 7, and other commercial solutions abound as well.
Are you protected? If not, why not -- sound off in the comments.
