Wednesday, November 28, 2012

NASA to encrypt its data after last laptop loss

It is about time! NASA decided to encrypt the hard drive of its laptops containing sensitive information such as the "international sale or transport of weapons, nuclear equipment or other materials that fall under the US's export administration regulations", "information about NASA's human resources" or "other sensitive but unclassified data".

Given that any laptop contains a lot of private information, I would suggest that ALL laptops have their hard drive encrypted: the technology is present - usually for free - in most of the modern operating systems. This will prevent a laptop loss becoming a security nightmare: even if there is no actual sensitive document on the laptop, the browser cache, page file, e-mail store and cached credentials can provide a lot to an attacker.

I even suggest that everybody's laptop and mobile device be encrypted: better regret the loss of your precious tablet than regret the loss of your precious tablet AND of all your money on your bank account.

Under Windows 7, that's BitLocker, Mac OS X has FileVault and Linux offers ecryptfs. You may also look into Bruce Schneier's TrueCrypt. And if it's not enough, some vendors have commercial offerings.

But beware: encrypting your disk is only part of the solution. In no way is it a silver bullet that will solve all your security problems.