One of the recurrent themes of 2006 was notebooks crammed with sensitive data being stolen or lost. The worst incident was in early May, when a Department of Veterans' Affairs laptop containing personal information on 26.5 million vets went missing. The government took quite a hit, so it's good to see it taking steps to confront the situation.
This Dark Reading story says that several big vendors -- including Dell, Microsoft, Seagate, Credant, Merlin, PointSec and SafeNet -- are participating in a 90-day "bake off" to select encryption technology for the machines. A lot is unclear about the competition, which will end in March. It's also important to note that this isn't the first move by the government toward encryption after the theft, but clearly is the most ambitious.
This is good news, and not just for the government (and veterans). Such large-scale purchases do a couple of things. Putting a bunch of money in front of vendors encourages them to improve the technology and lower prices. Also, organizations outside of the government will take the hint. Encrypting data on laptops will become cool (well, almost).
The bake-off is occurring even as skeptics recognize the dangers of laptop computing. This commentary in The Register by Guy Kewney says that it indeed is time to take wireless security seriously. His rationale for putting it on the back burner in the past wasn't the thought that wireless networks were secure. Kewney's position was that it simply didn't matter too much that they weren't.
The idea was that corporate wired networks also were insecure and, since they held far more valuable data, crackers would go after them first. Now, Kewney says, wired security is improving -- making wireless a comparatively more inviting target -- and executives are going on the underground (Kewney is in the UK) with laptops overflowing with valuable data.
Even if Kewney was a bit of an iconoclast or perhaps a bit late in recognizing the increasing value of the data being toted around -- there is nothing in his column that couldn't have been written a year ago -- his recognition of the problem is significant. That, along with the stir being created by the feds, raises the possibility that mobile computing will gradually become safer during 2007.