 |
|
 |
|
|
||
 |
| |||||||
|
|
January 14, 2008 Data Encryption Contract Awarded
HB 2785, Section 23 of the 2007 legislative session required that on or
before September 30, 2007, the Government Information Technology Agency issue a
request for proposals to contract for solutions to encrypt stored data of
personal information for all state agencies that maintain more than ten thousand
records that contain personal information. The contracts offer encryption services in six categories: Full Disk: Full-disk encryption encrypts all data on a computer’s hard drive including the entire operating system, all applications, and any user data. With full disk encryption, a thief may gain possession of your laptop, but ALL data is rendered unintelligible and unusable. File Encryption: File encryption software allows a specific set of files or folders on a computer to be encrypted. File encryption solutions provide automatic security because encryption capabilities must be applied to each new file or folder created by the end user. Back-up Media and Archiving: Back-up and archive media encryption provides benefits not only in protecting data at rest but also in the disposal of backup media. By deleting the encryption key, media is rendered unreadable and with a rotating key sequence, a regular pattern of retention and disposal can be automatically enforced. Mass Storage (SANs, NAS Encryption): A storage area network (SAN) is an architecture that enables the attachment of remote computer storage devices (e.g. fixed disks, optical drives, tape libraries) to servers in such a way that the devices appear as local devices. Network-attached storage (NAS) devices are file-based protocols where it is clear that the storage is remote. The successful acquisition, deployment, maintenance and operation of efficient mass storage encryption methodologies are an essential element of the overall strategy to secure the State’s valuable data assets. Database Encryption: Database encryption entails encrypting physical data within a database, either by encrypting the entire database or application or encrypting sensitive elements within a database such as specific columns, rows, or fields. Database encryption allows for the protection of sensitive and confidential data stored by the State. Removable Storage Drives and Devices Removable storage drives and devices such as a USB flash drive (also known as “flash drive,” “thumb drive”, “pen drive,” “keychain drive,” “key drive,” “USB key,” “USB stick” and “memory key.”) is comprised of a memory card that plugs into a computer’s USB port and functions as a portable hard drive. USB flash drives must have built in password/security capabilities and can be purchased with encryption software pre-installed on the device’s hardware, or file encryption software can be purchased after-the-fact for installation. Removable storage encryption protects the State’s data stored on these highly mobile devices.
|
|
