The VA incident prompted the Office of Management and Budget to require the U.S. government to deploy encryption on laptops and strong authentication on all remote access. Encryption is becoming mandatory outside the government. In Nevada, businesses may not transfer the "personal information of a customer" without "encryption to ensure the security of the electronic transmission." And in Massachusetts, a new law requires monitoring and encryption of all portable devices for "all persons that own, license, store or maintain personal information about a resident of the Commonwealth."
Posted by rlssec