Earlier today, we heard the news that NASA had suffered a major security breach when the laptop of an associate deputy administrator was stolen out of his car. The laptop contained the personal information of a number of NASA employees, including social security numbers. Naturally, this is a pretty big problem for NASA, so now it’s no surprise that we’re seeing the organization take measures to make sure that nothing on this scale happens again.
The problem with the stolen laptop was that it wasn’t properly protected. The information was stored away behind a password, but just protecting vital information like that with a password never means that it’s 100% secure. Had the information on the laptop been encrypted, this whole mess could have been avoided, despite the fact that the laptop was stolen.
NetworkWorld reports that NASA is now requiring full disk encryption on its laptops. The organization wants this implemented on the “maximum possible number of laptops,” by the time November 21 rolls around next week, with each and every laptop NASA owns required to have encryption capabilities by December 21. Once we’re past that date – provided we all survive the apocalypse – no unencrypted computer will be allowed to leave NASA’s buildings.
So, at least NASA is doing something to prevent unprotected computers from falling into the wrong hands. That won’t be much consolation to the folks whose information might be floating around in the wild at the moment, but NASA is offering to pay for credit tracking and insurance in the event that their identity is stolen. Keep it tuned to SlashGear, as we’ll update you on this breach if any new information becomes available.