"Due to the fact that the NASA systems lack the necessary controls to protect information, allow foreign nationals access to the networks, and allow remote access, the Panel concludes that the NASA networks are compromised. Publicly available reports on systemic data breaches across the country, NASA's own internal reports, and briefings given to Academy staff leave little doubt that information contained on the NASA IT systems is compromised."
"Our first panel today will focus on issues in NASA's security controls that were brought to light through the work of the National Academy of Public Administration. Governor Thornburgh, a NAPA fellow, led a team of experts in a comprehensive review of NASA security practices, culminating in a report that was issued about two months ago ... To my great frustration, the full contents of those reports are restricted and the publicly available executive summaries are lacking in many of the details and examples that are needed to fully understand the scope of the problem."
Keith's note: What is baffling is how Rep. Wolf, Culberson et al embrace the report findings that NASA's IT systems are flawed and have been compromised - and yet they want to fully release the same report that exposes these faults in great detail (so the people who want to cause problems will have a user guide.)
Rep Culberson wants Wolf to find a "part of #NASA that is important and fence it off until agency comes into compliance" on security issues— NASA Watch (@NASAWatch) April 8, 2014
- OIG: NASA Has No Idea How Many Portable Devices It Has, earlier post
- NASA Admits Antiquated Record Keeping Capabilities, earlier post
- Earlier IT posts