Thursday, October 18, 2007

Security, please

When you hear the word security in the title of a government agency – for example, the Transportation Security Administration – you get the impression they must be experts in the area of security. In this case, you would be wrong.

Yesterday, Land Line reported on the theft of two laptops that were stolen from a contractor who was working for TSA. That is a concern in itself, but the fact that those stolen laptops contained the names, birthdays, CDL numbers and, in some cases, Social Security numbers of nearly 4,000 commercial drivers who haul hazardous materials, makes it a huge security breach.

Although the contractor said the data had been erased from the stolen laptops, TSA officials have admitted that someone with computer skills could possibly retrieve the data on the computers’ hard drives.

TSA officials have instructed the contractor to fully encrypt hard drives from now on.

Gee, you would think TSA would have data encryption procedures already in place when dealing with outside contractors who have access to personal information. Shouldn’t that be standard security in today’s digital world?