NASA’s own auditor has recently rated its cloud computing deployments very poorly in a report that raises some interesting questions on the use of the cloud at the space agency. I’d encourage you to read the NASA report itself, if you have time, as it’s genuinely interesting and can be found here.
I won’t repeat the content of the article and report but will summarise thus: in short, of the five cloud provider contracts NASA has in place, none addresses the business and IT security risks of public cloud and none meet “best practices for data security”; moreover, much of the information was moved onto the public cloud by various parts of NASA without knowledge or consent from the CIO’s office. This throws up a few points.
A Bit of History – NASA and Cloud
NASA’s history with cloud computing is interesting. Through their Nebula private cloud project (see the report for more information), they developed significant expertise in building large scale-out compute environments. In 2010, the partnered with Rackspace to develop OpenStack, an open source software stack for building clouds (a de facto competitor to the likes of VMware and Microsoft in the proprietary space and Xen, KVM and CloudStack in the open source space).
SOURCE: vigilance-securitymagazine.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…