Total Encryption

IT managers see an increasing need for data encryption.

Nguyen also deployed Absolute Software's Computrace, which lets systems administrators see where every notebook is at a given time, who is logging in and what software is installed. It also allows them to remotely wipe the data from the hard drive if the unit is stolen.

As the IT department installs Windows 7 on the notebooks, it also includes Microsoft's BitLocker Drive Encryption, a full-disk encryption system, which uses the built-in TPM chip to fully encrypt the hard disks.

“With BitLocker installed and TPM enabled, our notebooks will be fully encrypted,” Nguyen says. “When you think about the amount of information our students and staff have, and have access to, making sure the devices are encrypted and protected is extremely important.”

Kent School District is doing the right thing, says Michael Spinney, senior privacy analyst with the Ponemon Institute, a security research group. In fact, a recent report on encryption by the institute found that more than 90 percent of organizations now believe that data protection is either a “very important” or “important”part of their risk management efforts, rising significantly from previous surveys.

“There was a point in time when device encryption may have been good enough, but that time has passed,” Spinney says. “With devices getting so small, people becoming so mobile, electronic communications so pervasive and hackers becoming so good at what they do, encryption at the data level is a critical piece of the security solution.”

Not all school districts are as far along with data encryption as Kent School District. Most are like Jefferson County Public Schools in Golden, Colo., where information security manager Chris Paschke looks forward to when the budget becomes less of an impediment.

“We see both full-disk encryption for our laptops and e-mail encryption as priorities, but we're still trying to find the money and the best way to go about it,” he says.

Probably the first step will be e-mail encryption, which Paschke says is a greater concern, especially when it comes to protecting healthcare data sent via e-mail. The search for an e-mail encryption tool is under way, and Paschke expects a decision to be made by the next school year.

Only after e-mail security is implemented will the IT team begin to consider how best to use data encryption for the 500 to 1,000 notebooks that are most susceptible to data breaches. Paschke envisions a hardware solution as opposed to software because he says hardware is easier to manage.