2. Don't ever put data on laptops, or take laptops out of buildings (this makes it hard for the government employees to work from home, meet contractors etc, so there is a large cost associated with this.
It may be true for some of the data that gets lost (e.g. a laptop with security plans for a major event) that not putting it on a laptop would be an inconvenience, but there are many many cases of lost data (and it's not just the government that this happens to) where they leave behind a laptop or portable storage device that has a database of individuals' data on it. There is no excuse for this ever being on a personal computer. If they need to work out of the office they should VPN onto the corporate network and access the data remotely.
I applaud encryption of the data, it's a step in the right direction. But, in the words of XKCD, "strictly speaking it's better than the alternative, yet someone is clearly doing their job horribly wrong".
EDIT: Of course, even on the server, the data should still be encrypted.