NASA’s own auditor has recently rated its cloud computing deployments very poorly in a report that raises some interesting questions on the use of the cloud at the space agency. I’d encourage you to read the NASA report itself, if you have time, as it’s genuinely interesting and can be found here.
I won’t repeat the content of the article and report but will summarise thus: in short, of the five cloud provider contracts NASA has in place, none addresses the business and IT security risks of public cloud and none meet “best practices for data security”; moreover, much of the information was moved onto the public cloud by various parts of NASA without knowledge or consent from the CIO’s office. This throws up a few points.
A Bit of History – NASA and Cloud
NASA’s history with cloud computing is interesting. Through their Nebula private cloud project (see the report for more information), they developed significant expertise in building large scale-out compute environments. In 2010, the partnered with Rackspace to develop OpenStack, an open source software stack for building clouds (a de facto competitor to the likes of VMware and Microsoft in the proprietary space and Xen, KVM and CloudStack in the open source space).
SOURCE: vigilance-securitymagazine.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
“First of all, it should be praised that Ferrari have…
These findings aren’t very surprising given that unpatched zero-days provide…
These figures from Mandiant highlight how attackers are continuing to…
Just one week after the Zoll Medical data breach that…
Independent Living Systems (ILS), a Miami-based healthcare software firm providing…