Slashdot Mirror

← Back to Stories (view on slashdot.org)

White House Demands Encryption for Sensitive Data

Posted by ryuzaki0 on from the common-sense-after-the-fact dept.

An anonymous reader writes "Stung by a series of data losses or disclosures at federal agencies over the past month, the White House is requiring all agencies to follow new guidelines when allowing employees to carry sensitive data on laptops or access the information from afar, according to the Washington Post. From the article: 'To comply with the new policy, agencies will have to encrypt all data on laptop or handheld computers unless the data are classified as "non-sensitive" by an agency's deputy director. Agency employees also would need two-factor authentication -- a password plus a physical device such as a key card -- to reach a work database through a remote connection, which must be automatically severed after 30 minutes of inactivity. Finally, agencies would have to begin keeping detailed records of any information downloaded from databases that hold sensitive information, and verify that those records are deleted within 90 days unless their use is still required.'"

8 of 214 comments (clear)

  1. Wow... by nexcomlink · · Score: 3, Funny

    Why has this not been done before? But let me guess the encryption is ROT13.

    1. Re:Wow... by neuro.slug · · Score: 4, Funny

      Incorrect. Upper management thought that ROT13 was so good, they're using it twice for encryption.

    2. Re:Wow... by Jim+Hall · · Score: 2, Funny

      Be careful where you point that joke. My .sig at work over the last few years has been:

      This email message has been encrypted using the ROT-26 cipher.

      ..and I still get email from people to tell me that their computer was able to read my email, so Outlook must support this "ROT-26" encryption thing. And they aren't joking.

  2. Re:Oh, lookie here by wbren · · Score: 4, Funny
    Some great nuggets of information I found in that PDF:
    • The default settings of P2P applications share all documents and media files on your machine. Which P2P apps are they talking about?
    • P2P file exchanges generally violate international copyright laws. - Stop lumping P2P with piracy, DoD!
    • Enable Wired Equivalent Privacy (WEP) on all laptops, PDAsand wireless access points. - WPA anyone?
    • THE INTERNET IS ALWAYS WATCHING - But the DoD is always watching the Internet, so don't worry!
    • CLASSIFIED CPU's should be at least 3 feet from UNCLASSIFIED CPU's - Cooties?
    • Traveling with a government computer? Keep track of it! - Good thing you told me! I never take the time to keep track of my laptop when I travel.
    Also check out page 37 for the most hilarious picture ever included in a PDF (labeled 38 in the actual PDF).
    --
    -William Brendel
  3. THE TERRORISTS JUST WON!!!!!! by aichpvee · · Score: 2, Funny

    OMFG!!! By publishing this information the media is helping the terrorists! How will we ever win the wars on terror like this? I'm offended! There are folks that want to kill people out there!!!

    --
    The Farewell Tour II
  4. Awesome by Anonymous Coward · · Score: 2, Funny
    That's the most impressive thing I have heard from the U.S. Government in the last 7 years.

    It actually makes sense!

  5. Practical and impractical solutions.... by jkrise · · Score: 4, Funny

    A. Practical Solutions:
    1. As every agent who possesses sensitive information leaves office, shoot him.
    2. Destroy his/her/it's laptop.

    B. Impractical solutions:
    1. Build a new proprietary operating system for secret agents.
    2. Build proprietary hardware for them.
    3. Build scretive, propriateary network cards, that operate on proprietary, unpublished protocols.

    If neither Plan A or B seems workable, post Ask Slashdot for ideas!
    -

    --
    If you keep throwing chairs, one day you'll break windows....
  6. Why we need it... by DoofusOfDeath · · Score: 2, Funny
    So basically ALL data will be sensitive. We're not longer talking about CIA operatives or Pentagon generals with state secrets under the arm. It's the secretary of the editor of the "Golden Days" monthly that will access the name of one of the retirees it serves from her son-in-law's computer to see why Ms. Applewhite didn't receive her beloved issue last month. The secretary is not only not going to encrypt the data, she's blissfully unaware that her son-in-law hard disk is completely shared on eMule due to her son-in-law's imperfect grasp of eMule's share facility.
    The very fact that someone outside the administration is aware of the Ms. Applewhite / Golden Days incident proves the need for stronger encryption.