Agency partnership improves mobile data security
Connecting state and local government leaders
The Data at Rest Tiger Team, DOD's Enterprise Software Initiative and GSA's SmartBuy are part of an effort to improve security on mobile computing devices and removable storage media at all levels of government.
An interagency task force has yielded $84 million in savings and the sale of nearly 1.4 million data-at-rest (DAR) encryption licenses.
The Data at Rest Tiger Team (DARTT), in partnership with the Defense Department's Enterprise Software Initiative (ESI) and the General Services Administration's SmartBuy enterprise software-licensing program, spearheaded the effort to improve security on mobile computing devices and removable storage media at federal, state and local agencies and NATO.
'This has been a rapid, unique and unprecedented intergovernmental initiative,' said David Hollis, DARTT program manager. 'DARTT has been very successful in improving the government's mobile data security posture while offering deep product and service discounts across the government. To date, federal, state and local governments have purchased essentially $103 million worth of products at an actual cost of $19.2 million.'
However, Hollis added, 'there are still too many mobile computing devices across the Department of Defense in need of DAR encryption. The Dec. 31, 2008, deadline is fast approaching, and we need more agencies and government contractors to get on board and start using these approved [blanket purchase agreement] products to protect our sensitive unclassified government' data and personally identifiable information (PII).
'We need to make sure we are keeping up with the advances in encryption product technology so as our adversaries improve their attack methods, we are equipped to defend our sensitive unclassified and PII data,' said Robert Lentz, deputy assistant secretary of Defense for information and identity assurance.
ESI and SmartBuy awarded 12 BPAs in June 2007 for DAR encryption products and services. The agreements support DOD's mandate to implement data-at-rest encryption on all mobile computing devices and removable storage by Dec. 31. The BPAs also help agencies meet Office of Management and Budget requirements for encrypting all mobile computers and devices that carry agency data unless the data is determined to be nonsensitive.
NEXT STORY: Mass. delays enforcement of data security regs