U.S. Government Agencies Slow to Deploy Crypto
Robert Lemos writes on SecurityFocus:
Following a slew of high-profile data breaches, U.S. government agencies have largely failed to roll out planned encryption deployments, leaving about 70 percent of their systems with unencrypted sensitive data, the Government Accountability Office stated in a recent report.More here.
The report, highlighted in a statement released by the House Committee on Homeland Security on Monday, found that the lack of a specific requirement to encrypt sensitive data has led to spotty information security. The White House's Office of Management and Budget recommended in 2006 that all agencies encrypt data on laptop computers and mobile devices. In 2007, the OMB made encryption for such devices a requirement.
"Encryption is not an option, it is a mandate," Rep. Bennie G. Thompson, D-MS, chairman of the House Committee on Homeland Security, said in the statement. "Unfortunately, I’m not surprised that despite mandates by OMB, the Federal government is only 30 percent of the way there."