Dumb IT department of the day
Daylife/Reuters pictures used by permission
NASA failed to delete sensitive data on computers and hard drives before selling the equipment as part of its plan to end the Space Shuttle program, an audit released on Tuesday shows…
“Our review found serious breaches in NASA’s IT security practices that could lead to the improper release of sensitive information related to the Space Shuttle and other NASA programs,” NASA Inspector General Paul Martin said in a statement…
The report cites 14 computers from the Kennedy Space Center that failed tests to determine if they were sanitized of sensitive information, 10 of which already had been released to the public. It also found that hard drives were missing from Kennedy and from the Langley Research Center in Virginia. Some of the Kennedy hard drives were later found inside a dumpster, where they were being stored before sale, that was accessible to the public, the audit says.
Investigators also found several pallets of computers being prepared for sale that were marked with NASA Internet Protocol addresses, which the report said could help hackers gain access to the NASA internal computer network.
As hard as some departments in our government work at increasing security, it feels like this sort of incompetence surfaces weekly.
I have casual friends who ask me about cleaning up and sanitizing hard drives in computers they’re selling. They have no mandate to be as sharp as a federal agency – yet they’re aware of basic security essentials.
Is NASA leaving these tasks to building maintenance or what?