Follow the data

Michael Vergara, director of product management at RSA Security Inc., said he warns customers that it takes time and effort to secure information on an open network using cryptographic technologies.

The challenge for federal officials is understanding the data and how it flows through an agency. "I tell people: 'I can easily secure your data, but you have to tell me which data is valuable and which data is not,' " Vergara said. "That by far is the harder problem."

To help make that easier, security experts at the National Institute of Standards and Technology are revising a draft document that, when completed, will tell federal officials when they must use encryption to ensure data privacy and use digital signatures to guarantee data integrity.

"That's going to be a biggie," said Ed Roback, chief of NIST's Computer Security Division. But until that document, Special Publication 800-53, is completed and its recommendations become requirements, he said, federal officials are on their own in determining when they need to use cryptographic technologies.

One trend security experts expect to see grow is the use of cryptographic technologies inside agency firewalls, where, according to the experts, most federal information security breaches occur.

The 2014 Federal 100

Get to know the 100 women and men honored this year for going above and beyond in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above