NASA loses another laptop with unencrypted confidential information
The NASA we usually offer, quite frequently, spectacular images of space launches of their ships or some of its projects such as robots. However, the U.S. space agency is also known for the repeated security breaches in information systems that have jeopardized its satellites or the International Space Station . Among the vulnerabilities of their networks, deficiencies in its process equipment data erasure withdrawn from use and no encryption of data stored on the hard drives of laptops of employees has brought the colors on more than one occasion to this agency that theoretically handle classified information. Indeed, this week has seen a new case of information leakage ^ ^ agency to having been stolen from an employee’s laptop that he kept in his car and that, indeed, ** had information unencrypted.
Put your computer in the car and someone force the lock or break a window crista to steal the laptop is something that can happen to anyone anywhere in the world, however, if the sensitive information stored on portable staff NASA and confidential documents about projects being undertaken with external contractors, the picture becomes bleak.
One might think that in the case of NASA, the laptop would have tight security (biometrics, data encryption, etc.), however, responsible for the agency are quite concerned that the only security is an enrollment since the data are not encrypted, ie, the hard drive is susceptible to be removed and any USB enclosure or boot the computer with a Live CD to see what data is stored.
Given this security leak, which incidentally took place on October 31, NASA sent a statement Tuesday informing employees of what happened:
On October 31, 2012, a notebook of NASA and various official documents that handled an employee of our headquarters were stolen from his vehicle. The laptop contained records with personal information of a number of NASA employees, suppliers and others. Although the laptop was password protected, the hard drive was not encrypted, so the information could be accessed by unauthorized persons. We are carefully evaluating the incident and we are investigating in addition to taking appropriate measures to mitigate risks or discomfort for affected employees
Apparently, within the security measures being implemented NASA, encryption of information was one of the laptops being carried out and what then? Why this laptop was not encrypted? The answer is simple and devastating: the project for the encryption of data has its deadline on December 21 and, as you see, this team has not touched him.
A pretty amazing event.Tags: Data Encryption, NASA, safety