Projects: Security - Baseline
Home arrow Projects: Security arrow Page 4 - NASA Struggles to Fix Network Security Holes















Renew Your Subscription

Projects: Security



NASA Struggles to Fix Network Security Holes



By David F. Carr
2005-10-01
Article Views: 10542
Article Rating:starstarstarstarstar / 1

  Table of Contents:
  1. NASA Struggles to Fix Network Security Holes
  2. 'ZIFFPAGE TITLEDAY 1'
  3. 'ZIFFPAGE TITLEDAY 2'
  4. 'ZIFFPAGE TITLEDAY 3'
  5. 'ZIFFPAGE TITLEPostscript '
  6. 'ZIFFPAGE TITLENASA Base Case '

NASA has 80,000 employees, and works with more than twice as many scientists and other outsiders. The problem: Those log-ins could be used to access the agency's computer systems after the users have left, retired—or died.

Rate This Article:
Poor Best
Add This Article To:

NASA Struggles to Fix Network Security Holes - 'ZIFFPAGE TITLEDAY 3'


( Page 4 of 6 )

: Conclusions">

DAY 3: Conclusions

By Wednesday morning, I've written a draft of the panel's findings for the other members to review, but we're still not quite through with the presentations.

Ing gives us an overview of the $33 million project budget and how the original request for 15 project managers to oversee the implementation at each location was trimmed to 4.5 full-time equivalents (or about 15 people spending a third of their time on this). It's not news to anyone in the room that budgets have to be stretched, though. "The reality is, reality is no fun," Hevey says.

What worries the center CIOs more are the costs not shown on Ing's budget slides, such as the expense of integrating applications with the NISE architecture. The project engineers don't think it will be that hard to do a well-designed Web application—perhaps a couple of months of work per application in the beginning, down to one month once the developers gain experience with the process. Hevey says his own staff's estimate was "about a man-year," meaning the equivalent of one person's full-time labor for a year.

After a lunch discussion among the panel members, we present our findings (see "A Better Launch Pad," p. 56).One of the most important is the need to analyze the gap between how the project is actually being managed and NASA's official project management process.

We also recommend that a configuration control board, an ongoing panel to review systems configuration changes, needs to be created immediately for the critical account management system. The project to create a new security badge system already has one of these change management oversight boards in place, which the account management project would do well to imitate.

We run down the list of findings, with Greenwood doing most of the talking. Santiago and Ing thank us for our participation, and we go home. As the meeting is breaking up, I overhear one of the NASA people asking Ing what's next for the project. "Didn't you hear?" she asks, in a tone of good-natured grumbling. "Now I've got all this documentation I've got to redo."




 
 
>>> More Projects: Security Articles          >>> More By David F. Carr
 



Sponsored Links
  • Get up and running in as quickly as 30 days with BI. Learn how today.

  • FREE Securing Smartphones & Tablets for Dummies Book from Sophos
  • 5 New Technologies That Will Change Enterprise ITAdvertisement
  • Build an IT Infrastructure That Delivers the Future
     
    		•
     
    FEATURED SPONSORED ARTICLES
    FEATURED SPONSORED VIDEOS

     

    Related Content

    Articles Labs/How-To Multimedia


    LATEST STORIES
    - Five Ways to Put Mobile Technology to Work
    - Ten iPhone Apps that Will Save You Money
    - Mobility Transforms the Customer Relationshi...
    - BPM Keeps Pace With Business Changes
    - Speech Recognition Speaks To Businesses


     

     

    Advertisement
    rss graphic
           Baseline Newsletters

    Baseline:  

    Issue Index | Contact Us | About | Magazine Customer Service | Navigation Guide

    Quick Links:  

    Project Planners | Enterprise Resource Planning | Network and Online Security | Data Analysis | Process Management | Storage Devices| Link to Us

    Ziff Davis Enterprise Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters
    Tech RSS Feeds | White Papers | Tech Podcasts | Tech Video | VARs | System Builder

    Baseline | Careers | Channel Insider | CIO Insight | DesktopLinux | DeviceForge | DevSource | eSeminars |
    eWEEK | Enterprise Network Security | LinuxDevices | Linux Watch | Microsoft Watch | Mid-market | Networking | PDF Zone |
    Publish | Security IT Hub | Strategic Partner | TechDirect | Technology White Papers | Windows for Devices

    Developer Shed | Dev Shed | ASP Free | Dev Articles | Dev Hardware | SEO Chat | Tutorialized | Scripts |
    Code Walkers | Web Hosters | Dev Mechanic | Dev Archives | igrep

    Use of this site is governed by our Terms of Use and Privacy Policy

    Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.