NASA recently lost a laptop from the locked vehicle of one of its employees. The laptop contained data which NASA said was ‘sensitive personally identifiable information.’ More importantly, it wasn’t encrypted. To counter any such future incidents, NASA has now ordered all data on its portable computers to be encrypted.
It is rather surprising to note that the space agency has taken the measure only now. Encryption of sensitive digital data is a very common practice among professional organizations, something which ensures that even if an organization loses such data, it is of little or no use to the unconcerned individual who discovers it.
The laptop that the NASA employee has lost was password-protected but breaking the password is a fairly easy task for an adept hacker.
Given the nature of the lost data, NASA issued a director to all its employees stating, “All employees should be aware of any phone calls, emails, and other communications from individuals claiming to be from NASA or other official sources that ask for personal information or verification of it.”
As a result of the incident, NASA has further ordered that none of the portable machines issued to its employees may leave its facilities until all important data contained on them is encrypted. Once the data is encrypted, the person who finds it will need a key to decrypt it, something which is not entirely impossible but is a fairly hard task.
The agency has also been criticized for this data loss as similar incidents have occurred in the past and it seemed to have taken no significant measures to counter them until now.
Source: Space Ref