Another organization has confirmed that a device with personal information has been lost and – surprise – it wasn’t encrypted.
According to a report from Computerworld U.S., the National Aeronautics and Space Administration (NASA) says a large number of personal information on employees and contractors was on a laptop stolen from a car two weeks ago.
It was the second time this year a laptop with unencrypted personal data went into the ozone.
The most recent laptop to have suffered a lift-off was password protected, but – despite the earlier loss – the data is at risk because the still agency didn’t have a policy mandating staff to encrypt devices with personal information.
It reminds us of the recent loss of data sticks at Elections Ontario – which was worse. The agency HAS a policy that any device leaving the office with personally identifiable information must be encrypted. Contract staff handling the devices didn’t know how to make the encryption software work, and also assumed zipping the data was the same.