Well, finally we see some movement on a positive side with regards to encryption in the government space. The Securities and Exchange Commission is seeking “sources for encryption of all user data on all agency laptops and portable media devices”. This is a welcome change in direction after the nightmares that we have seen with such organizations as the Veteran Affairs fiasco. Here are some of the interesting requisites:
Among SEC’s management and recovery requirements, the encryption product must let enterprise policies be centrally configured and be fully integrated with Active Directory for managing policies and user authentication.
The encryption product also must support single-sign on technology, so users only log into the bios-encryption application.
The product must be able to encrypt all portable media storage devices, including USB thumb drives, floppy disks, writable DVDs and CDs, and personal digital assistants’ technologies.
As with most progress in the security arena, it requires a disaster (VA) to spur others to move forward. So, a simple thanks to the VA for acting as the sacrificial lamb catalyst.
Oh, and if you want to cash in on the SEC RFP they need responses by August 25, 2006.
[tags]SEC, Encryption, Laptop Encryption, Mobile Device Security, RFP[/tags]