This is not a NASA Website. You might learn something. It's YOUR space agency. Get involved. Take it back. Make it work - for YOU.
IT/Web

DAR Implementation Email from LaRC Center Director Lesa Roe

By Keith Cowing
NASA Watch
December 14, 2012
Filed under , , ,


“The Administrator has told all of his direct reports that he expects 100 percent completion by the 21st or it will be reflected in our performance. For clarity, I will do the same with each of you. I think you all know this but I will state it clearly … this isn’t an option … it is mandatory for employment” …
… “Let me be clear, there are NO exceptions to the Agency-wide directive and it applies to every employee and every laptop. I am directing supervisors to ensure that employees take whatever steps are required, including adjusting employee leave schedules if necessary, the ensure that every laptops is DAR encrypted, waived, or excessed by next Friday, December 21st. Employees who do not comply are in violation of clear Agency direction aan coud face disciplinary action up to and including removal from Federal Service.”

Larger image

NASA Watch founder, Explorers Club Fellow, ex-NASA, Away Teams, Journalist, Space & Astrobiology, Lapsed climber.

8 responses to “DAR Implementation Email from LaRC Center Director Lesa Roe”

  1. Gonzo_Skeptic says:
    0
    0

    [comment deleted]

  2. Bernardo de la Paz says:
    0
    0

    Is excessing an unsecured laptop in the best interests of data protection?

    • thebigMoose says:
      0
      0

      The drive is either wiped per military specifications before excess, or the drive removed and physically destroyed.  No risk here without a process escape.

  3. Zorba_the_AMerican says:
    0
    0

    Looks like leadership is taking the bull by the horns here, which cant hurt mitigate any concerns employees might have about possible future exposure. Good for her.

  4. dogstar29 says:
    0
    0

    In my opinion the DAR deployment was a rather simplistic and poorly chosen response to the problem, since every user needs a separate account on every laptop he/she uses, and all accounts have to be installed physically by IT administrators. This makes it extremely cumbersome to do actual research and development. Directory and partition encryption was already available and would have avoided the cumbersome spectacle of multiple user accounts with unsynchronized expiring passwords, since DAR cannot use domain authentication. NASA’s cost in implementing DAR has been immensely greater than its actual cost from the stolen laptop. The biggest failing, in my opinion, was the lack of any serious discussion with users before the DAR package was pushed to every laptop, most of them never taken off center, and more than a few desktops. I personally know of a hard drive that was irretrievably scrambled by the DAR installation. Keep in mind that there is no indication that the thief even accessed the hard drive, since (SFAIK) there has been no actual attempt at identity theft, and most people who steal laptops just reformat the drive and sell them.

  5. northcross says:
    0
    0

    Ms. Roe is simply following orders, so I am not faulting her. What we are seeing is the hand-wringing bureaucracy doing what it does best, implementing knee-jerk responses that do nothing but punish the innocent and decrease productivity. Behavior that just a little while ago was perfectly legal and reasonable can now get you fired? Think about that.

  6. objose says:
    0
    0

    Some days, the “XXXX” just needs to get done. It may be true that it was “ok” in the past and this may stress some people out. However, given what has happened so far, and the risk of what could happen, it is time to put teeth in things. NASA does not need more of Steve’s posting on how bad security is! Steve will spill his holiday  hot chocolate drooling over the opportunity! Just kidding Steve, you pointing out the problems with the issue helps move the ball along. NASA does not need this kind of bad publicity. It needs better holiday videos. 

    Temporary waivers would not affect productivity, but then there would at least be a list that could be systematically addressed. I have the two stage sign in. A bit of a pain, but my productivity is not impacted in an unreasonable way. 

  7. Fred says:
    0
    0

    Wow what a concept. Holding direct reports accountable for their actions.  Imagine if NASA management chain  were to be held accountable for going over budget.