After story after story of government laptops being stolen
and compromised, the U.S. government is making progress in encrypting all
information stored on its data devices. On June 23, 2006, a memorandum (PDF)
from the Executive Office of the President mandated that all government mobile
computers and devices must fully encrypt all data. The document recommends the
following actions for all departments and agencies:
To fulfill the above requirements, the U.S. government began
searching for the best full-disk encryption (FDE) solution in the form of an open contest. All data stored on the device must be
encrypted, including swap space and temporary files that may contain sensitive
data -- the user should not have the capability to decide what gets encrypted and what does not.
Destroying the cryptographic keys is
also a quick way to destroy the data on an FDE system. To prevent this, the winner of the government search must also provide the capability of holding keys in escrow.
The original memo from the government intended all
safety measures to be in place 45 days from the issue of the mandate, but
according to this
source, the U.S. government will conduct a 90-day evaluation of technologies
to find the best solution. The product selected as the best will be implemented
on all governmental agency computers, which potentially could result in the
largest single implementation ever of FDE.
The information regarding the encryption solution
selection process can be found in a U.S.
Air Force section on the Federal Business Opportunities page, though the
mandate from the President is believed to be government-wide. Found on the
military’s Air Force site is a list
of requirements and competing
vendors (XLS) for the program.