This is a little stale but I wanted to talk about it anyway. With their latest actions, I believe the Department of Veterans Affairs is quickly becoming the poster child for reformed data loss victims.

(important to note that, in this case, the data was eventually recovered)

The VA announced a few weeks ago that they have purchased 25,000 USB drives with built-in encryption from Kanguru.

The built-in AES-256 encryption will help insure that only authorized users can gain access to the USB drive and will prevent another major meltdown if lost or stolen.

Also, it should be noted that Kanguru says that they can prevent users from attaching the devices to the network based on a device identification number.

I believe that this is a great step but one that must be accompanied by some level of control. I have stated in this blog a number of times that a policy without the means to enforce it, is just window dressing.

So, kudos to the VA on a positive step and showing corporate America the direction to move in. Just make sure that you keep the momentum going and block access to the unauthorized USB devices out there.

Michael Mongold

*** This is a Security Bloggers Network syndicated blog from Michael Mongold's Technology Security authored by Michael Mongold. Read the original post at: