Governor M. Jodi Rell today announced that the Connecticut Department of Information Technology (DOIT) has selected a new encryption tool for use by state agencies for laptop computers and other mobile computing and storage devices.
The tool, developed by SafeBoot, will be used for encryption of information on laptop computers and other devices that store data. It was selected by DOIT and an interagency working group of 24 information technology professionals from 12 agencies.
The tool will be deployed as soon as possible to agencies in accordance with Rell's directive and the new policy on security for mobile computing and storage devices, announced September 10, 2007. The tool is currently available through an existing federal contract, ensuring favorable pricing to the state.
"We are taking every step possible to safeguard sensitive state information," Rell said. "The best solution is to ensure that as little information as possible is removed from state offices. But on those occasions when we must take information on the road to perform state business, this encryption program will make sure that no unauthorized person will be able to access it or use it.
"I appreciate the diligent work by everyone who has worked to select a standard encryption product for agency use," Rell stated. "They have performed a difficult task under a very tight timeline and our state will be more secure for it. The next step is execution of a workable deployment strategy. I expect all agencies to cooperate in this accelerated effort to secure our mobile computing and storage devices."
DOIT is currently surveying agencies to determine the number of devices requiring encryption and working on a rapid acquisition and deployment strategy for the encryption tool.
Governor Rell also announced additional protections today for state BlackBerry devices. On September 24, more than 700 state BlackBerry users received a notice that the use of passwords had become mandatory in order to access data on the handheld computing device.
In addition, they were also notified that all passwords would have set expiration dates and must be changed regularly. Information on the BlackBerry will be erased and the device deactivated after multiple unsuccessful log-in attempts.
"Not using a password poses an unacceptable risk," Governor Rell said. "These latest measures are part of safe and responsible use of the taxpayer-funded equipment and information with which we have been entrusted."