Tuesday, December 07, 2010

Report criticizes KSC's handling of excess shuttle program computers

Staff at Kennedy Space Center, among other NASA centers, inappropriately released sensitive NASA data by failing to properly clean computers the shuttle program is getting rid of, according to a report released today by NASA’s inspector general.

According to the report, KSC staff:
-- Released 10 computers to the public that still contained NASA data after failing "sanitization" tests intended to show the data had been erased.

-- Was preparing to sell several pallets of computers, each holding 44 computers, that contained external markings that prominently displayed NASA’s Internet Protocol information. Hackers could use to attack NASA networks and obtain sensitive information.

-- Left hard drives removed from excess computers in an unsecured dumpster accessible to the public, a finding the report called "most concerning."

Notified of the problems, KSC established a “Tiger Team” to quickly respond to the issues, according to the report.

Flawed procedures were also found at Johnson Space Centers and the Ames and Langley Research Centers.

"Our review found serious breaches in NASA's IT security practices that could lead to the improper release of sensitive information related to the Space Shuttle and other NASA programs," Inspector General Paul Martin said in a statemen. "NASA needs to take coordinated and forceful actions to address this problem across all of its Centers."

Read the full report here.

IMAGE: IT equipment confiscated by OIG personnel from Kennedy’s Property Disposal Facility. Credit: OIG photograph, June 11, 2010.

1 comment:

Conor said...

Expect the information to turn up on Wikileaks any day now.