http://www.fcw.com/online/news/152634-1.html
By Wade-Hahn Chan
FCW.com
May 22, 2008
Some lawmakers want NASA to determine where the agency stands on
information technology security and report back to Congress.
The fiscal 2008 NASA Authorization Bill . which has cleared the House
Committee on Science and Technology Committee's Space and Aeronautics
Subcommittee - has language that would require the space agency to
submit two reports to the committee on IT security plans.
The first report would include details on NASA.s mission-critical
network security controls, featuring the following:
* The network's ability to limit, detect and monitor access to
resources and information to safeguard and protect it from
unauthorized access.
* How network resources can be physically accessed.
* The extent of encryption on sensitive research and mission data.
The subcommittee also adopted language to require the Government
Accountability Office to perform detailed vulnerability assessments on
NASA's networks.
GAO would then compare the results of those assessments with previous
intrusions into the system, successful or attempted, over the past two
years. The lawmakers also want GAO to determine what NASA is doing to
plug any security holes. The measure was approved and referred to the
full committee in May 20.
The bill would require NASA to submit the reports to Congress a year
after the bill becomes law.
Received on Fri May 23 02:13:29 2008