Password Security Quiz: Are You Safe?
Password Security Quiz: Are You Safe?
How to Protect Yourself from Data Breaches
How to Protect Yourself from Data Breaches
10 Best Password Management Products
10 Best Password Management Products

Stolen NASA Laptop Prompts New Security Rules

Ben Weitzenkorn, TechNewsDaily Staff Writer
Date: 15 November 2012 Time: 12:15 PM ET
Technews-daily
The logo of NASA, the National Aeronautics and Space Administration.
The logo of NASA, the National Aeronautics and Space Administration.
CREDIT: NASA

A "large number" of NASA employees may be at risk following the theft of an unencrypted agency laptop and several other documents from an employee vehicle. The theft has prompted the space agency to adopt new security procedures.

"We are thoroughly assessing and investigating the incident, and taking every possible action to mitigate the risk of harm or inconvenience to affected employees," Richard Keegan Jr., NASA's associate deputy administrator, said in a Nov. 13 email to all NASA employees.

"The Administrator is extremely concerned about this incident and has directed that all IT security issues be given the highest priority," Keegan said, referring to Charles Bolden Jr., NASA administrator since 2009.

Last year, NASA admitted that similar data breaches had resulted in the loss or theft of 48 portable electronic devices. Among the data compromised were International Space Station command-and-control codes and employees' personal information.

In one case very similar to the current one, a laptop was stolen in March 2011 from an employee's car at the Kennedy Space Center in Florida.

The latest breach, which occurred on Oct. 31, finally spurred NASA into action. The space agency has enacted new policies, including mandatory full-disk encryption for NASA-issued computers that go off the premises.

"This applies to laptops containing PII [personally identifiable information], International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR) data, procurement and human resources information, and other sensitive but unclassified (SBU) data," Keegan said.

The new rules will apply to all laptops, regardless of what they contain, a statement said. Encryption on all NASA devices must be completed by Dec. 21.

In addition to the new encryption rules, NASA will forbid employees from storing sensitive information on mobile devices such as smartphones and tablets. All data not immediately required must also be deleted from local hard drives and stored on networked drives instead.

As of February, only one percent of NASA laptops were encrypted, Kaspersky's Threatpost security blog reported. The agency that was once at the edge of technological accomplishment and took us to the moon may have some catching up to do.

Follow Ben on Twitter @benkwx.

MORE FROM SPACE.com

  • Aurora over Oregon

    Image Albums

  • Buzz Lightyear Becomes Real Space Ranger

    Countdowns

  • Venus' southern hemisphere, as seen in the ultraviolet.

    Topics

  • Astronomers have discovered an Earth-size planet orbiting one of the nearest stars in our galaxy.

    Infographics

Company Pages
TechMediaNetwork Brands
JOIN OUR MAILING LIST
Join our community
Follow Us On
RSS
Facebook
Twitter
YouTube
Copyright © 2013
TechMediaNetwork.com
All rights reserved.