Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FW: [ISN] NASA info security controls are broken, GAO concludes
- From: Howell, Paul
- Date: Mon Oct 19 09:00:26 2009
-----Original Message-----
From: isn-bounces@infosecnews.org [mailto:isn-bounces@infosecnews.org]
On Behalf Of InfoSec News
Sent: Monday, October 19, 2009 2:47 AM
To: isn@infosecnews.org
Subject: [ISN] NASA info security controls are broken, GAO concludes
http://gcn.com/articles/2009/10/16/nasa-info-security-controls-broken.as
px
By William Jackson
GCN.com
Oct 16, 2009
Key information technology systems at NASA have weaknesses in several
critical areas that could lead to those systems being compromised,
according to the Government Accountability Office.
Although controls are being implemented as part of a risk-based
information security program, required under the Federal Information
Security Management Act, controls were not always adequate or
consistently enforced, resulting in security gaps in physical and
logical perimeters and leaving vulnerabilities in networks and systems.
"A key reason for these weaknesses was that NASA had not yet fully
implemented key elements of its information security program," GAO said
in its report [1], NASA Needs to Remedy Vulnerabilities in Key Networks.
"As a result, highly sensitive personal, scientific, and other data were
at an increased risk of unauthorized use, modification, or disclosure."
The space agency agreed with GAO's recommendations for strengthening and
completely implementing security controls.
[1] http://www.gao.gov/new.items/d104.pdf
[...]
------------------------------------------------------------------------
To unsubscribe from netsec, send mail to majordomo@merit.edu
with a body consisting of the words "unsubscribe netsec" --
without the quotes. For more help, send a message to majordomo@merit.edu
with the word "help" as the body.
------------------------------------------------------------------------
|
