Boutelle: Encrypt mobile computers
He authorized Army staff to buy encryption software from Credant Technologies for immediate use on all laptop computers that have the potential for travel.
FORT LAUDERDALE, Fla. -- The Army has begun enforcing stronger encryption practices ahead of a new policy on data protection. Commands must clearly identify computers that users might travel with and begin encrypting them immediately, the Army’s chief information officer said.
“Data at rest is data at risk,” said Lt. Gen. Steven Boutelle, the Army’s CIO. He outlined ongoing efforts at AFCEA International’s LandWarNet conference here.
On Aug. 19, Boutelle authorized all Army staff to buy encryption software from Credant Technologies for immediate use on all laptop computers that have the potential for travel. “We’re saying if a computer travels, you will encrypt the hard drive,” he said.
Those computers represent the “first target of opportunity” in the effort toward full data protection, Boutelle added.
Software from Credant and Pointsec Mobile Technologies are the most prevalent encryption tools the Army uses, Boutelle said. But service members can begin encrypting their hard drives now, without buying anything, by using Microsoft’s Encrypting File System, which is part of Windows XP.
“You have that on your computer today…and very few people use it,” Boutelle said.
The moves are part of an interim solution, he said. In the long term, the Army will choose an enterprise encryption tool and rely on Microsoft’s Vista operating system for laptop PC security. Vista will interact with the Defense Department’s Common Access Card (CAC) to form a combination of data protection and identity security, Boutelle said.
“When you stick your CAC in, that public-key infrastructure algorithm will, with Vista, encrypt your hard drive,” he said.
The combination of Vista and CAC will enable the Army to avoid adding another key management system on top of PKI, Boutelle said.
The service will also incorporate Vista into the Army Golden Master standard PC configuration, which is mandatory for all Army desktop and laptop computers. Version 7.0 of the configuration is due out in February 2007, and Boutelle hopes Vista will be ready by then, he said.
Joe Capps, director of the Enterprise Systems Technology Activity at the Army’s Network Enterprise Technology Command, said Vista will be installed on Army systems in stages, with an initial rollout of 5,000 users. That will allow Microsoft to work out any bugs before the Army deploys the operating system servicewide, he said.