Red Tape Trips Up Security

Vendors and the US government aren't on the same page when it comes to storage security

Data Protection Summit -- IRVINE, Calif. -- Lack of communication between storage vendors and federal government is hindering agencies' security efforts, according to IT managers here today.

Speaking during a panel discussion this morning, Lynn Saxton, a systems administrator at the Los Alamos National Lab warned that most disk encryption vendors have still not met the demands of FIPS PUB 140-2, a critical government cryptography requirement. "We're required to be a FIPS environment, [but] not everyone gets their device certified," he said.

FIPS, or the Federal Information Processing Standards, is a set of specs for encryption, authentication, access, archiving policies, and data transfer, among other functions.

The exec admitted that this is limiting technology choices at Los Alamos, which is at the forefront of U.S. nuclear research. "It would make my life much easier," he says. "There needs to be collaboration between government and industry to develop solutions that we're able to use."

Read the rest of the story at Byte and Switch.

— James Rogers, Senior Editor Byte and Switch

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading