Communications agency looks to protect data Published Jan. 18, 2008 By Theresa Corzine Air Force Communications Agency SCOTT AIR FORCE BASE, Ill. (AFPN) -- Air Force Communications Agency members here are aggressively developing a solution to protect personal and other sensitive information from being stolen and misused. Several government agencies have been victims of compromised data stored on stolen or lost computers during the past few years, and the Air Force is certainly not immune to this threat either. As recently as December 2007, more than 10,500 records were found missing from a laptop computer in the Washington, D.C., area. Many computer hackers target e-mails, Internet traffic and other "data in motion" to gather and steal information. However, information doesn't have to be moving to be vulnerable. There's a growing interest among U.S. adversaries to target information on mobile computing devices such as laptop hard drives, USB thumb drives, CDs, diskettes and other physical media that store "data at rest." As new policies and business practices demand more mobile command and control functions, the Air Force's inventory of mobile computing devices has grown to meet the need. These mobile computing devices have become an integral part of conducting work in today's Air Force, but they also pose a significant threat to protecting information. Many Air Force members store personally identifiable information (Social Security numbers, phone numbers, addresses, birth dates, etc.) on mobile computing devices, and identity thieves use this data to steal personal information and misuse sensitive government information. In the face of this growing vulnerability, the Department of Defense issued a memo that mandates "data at rest" encryption on all mobile computing devices. Complete fielding of this effort is projected to be accomplished by February 2009. Shielding unauthorized access to this data through encryption is necessary to protect the integrity and confidentiality of this important data. The Air Force solution for encrypting "data at rest" will protect information on all storage devices either connected to or located within a mobile computing device. If an adversary steals a device that contains encrypted data, the information on that device will be useless without the authorized user's key to access it. So, instead of making another negative front-page news story based on stolen information, the Air Force will simply lose the cost of the stolen mobile device while saving sensitive military planning and personal information from getting into our adversary's hands. By deploying this "data at rest" encryption capability, the Air Force will protect information that can easily be used by the enemy and criminals for possible terrorist activity, financial gain, or other rogue activities. (John Wagnon also contributed to this story.) Comment on this story (comments may be published on Air Force Link) View the comments/letters page