Stolen NASA laptop held Space Station control algorithms

Encryption has been a bugaboo for NASA for a long time

ISS
The lack of key IT security protection is hurting NASA.  According to a report issued by NASA Inspector General Paul Martin, security problems have gotten so bad that the March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station.

"NASA reported the loss or theft of 48 Agency mobile computing devices, some of which resulted in the unauthorized release of sensitive data including export-controlled, Personally Identifiable Information, and third-party intellectual property. Encrypting sensitive data on notebooks and other mobile computing devices is a widely recognized best practice and an action required by the Office of Management and Budget," Martin stated. 

Other news: 12 seriously cool "toys" for big boys and girls

"However, NASA has been slow to implement full-disk encryption on the notebook computers and other mobile computing devices it provides to its employees, potentially exposing sensitive information to unauthorized disclosure when such devices are lost or stolen. In fact, in its fiscal year (FY) 2010 report to Congress on FISMA implementation, the OMB reported a Government-wide encryption rate for these devices of 54%. However, as of February 1, 2012, only 1 percent of NASA portable devices/laptops have been encrypted," he stated.

Until NASA fully implements an Agency-wide data encryption solution, sensitive data on its mobile computing and portable data storage devices will remain at high risk for loss or theft, Martin said.

The encryption problem was outlined in an overarching report that was highly critical of NASA IT security practices in general.

"In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorized access to its systems. These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives. Some of these intrusions have affected thousands of NASA computers, caused significant disruption to mission operations, and resulted in the theft of export-controlled and otherwise sensitive data, with an estimated cost to NASA of more than $7 million," Martin stated.

Follow Michael Cooney on Twitter: nwwlayer8 and on Facebook

Layer 8 Extra

Check out these other hot stories:

Rapidly evolving low-cost mobile technology keeps the military up at night

25 alleged Anonymous members busted by Interpol

FTC: Identity theft still top consumer blight

US wants natural gas as major auto fuel option

Beyond Exabytes: Massive supercomputer needed for colossal space telescope

NASA: You know you're a Geek if....

Space junk funk: The anniversary of the Cosmos/Iridium satellite crash

Wringing out $79B worth of IT: Feds debate system duplication

IRS unearths Dirty Dozen tax scams of 2012

US could save $4.4B by dumping paper $1 bill for coin

Copyright © 2012 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022