Finally, after all of the crazy data theft, the Bush Administration is giving federal civilian agencies 45 days to comply with new recommendations for laptop encryption and two-factor authentication. I can’t believe this wasn’t a standard before, but oh well, from now on out this has to be. Next up, private industries, while not under any direct order, it’s going to be something they have to do to give their customers the assurance that they’re doing something about the problem. See Breaches since Choicepoint or my other Choicepoint story for more background on the extent of this issue.