August Deadline could stop more VA-like Losses Zero to encrypted in 45 days? That’s the amount of time the White House Office of Management and Budget (OMB) gave federal civilian agencies to fall in line with National Institute of Standards and Technology (NIST) guidelines regarding the encryption of stored data.The mandate came after a string of security lapses that culminated in May, when a laptop containing millions of Social Security numbers was reported stolen from the home of an employee at the Department of Veteran Affairs. But even with a head start, is the Aug. 7 deadline realistic?It depends, said security expert Andrew Krcik, vice president of marketing at the encryption technology vendor PGP Corp. “Deployment isn’t the barrier,” Krcik, said. “The question is how comprehensive your approach will be.”At a minimum, government agencies should deploy whole-disk encryption for end-point devices, managed by a centralized server that provides comprehensive key management and policy provisions. Encryption should also cover backup functions, such as saving data to a USB flash drive, he said.Still, it’s unclear how seriously the OMB will enforce its latest guidance. “The speed with which organizations comply will be directly related to enforcement. If the OMB is going to do audits on Day 46, you’re going to see everyone complying,” said Rob Sadowski, senior manager in EMC’s information security division. Software DevelopmentDatabasesTechnology IndustrySecurityData and Information SecuritySmall and Medium Business