MacKenzie Elmer reports:
A state audit found unencrypted laptops and portable devices that may store sensitive information at the University of Northern Iowa could pose a risk to the university, but UNI officials said there’s no evidence that’s the source of the mass identity theft that cropped up after employees filed their taxes this year.
In its most recent audit released July 3, state auditors found encryption software had not been installed on all laptop computers and portable storage devices, including USB drives, that could store sensitive information.
[…]
Officials said they still don’t know how the identity thefts occurred and continue to investigate. They have hired Halock Security Labs to provide consultative services related to security of information technology systems.
But they said they don’t believe an unencrypted laptop is behind it.
[…]
“All the machines that have even a remote chance of any kind of personal or sensitive information on it have been encrypted since 2006,” Ketelsen said.
Read more on WCFCourier.