Uncategorized

Data-at-Rest Is Not A New Requirement at NASA

By Keith Cowing
December 3, 2012
Filed under
Data-at-Rest Is Not A New Requirement at NASA

Data-at-Rest (DAR) at NASA HQ

“This page contains important information for employees regarding the Data-at-Rest (DAR) Encryption project at Headquarters. As mandated by Federal law and Agency policy, all NASA-issued laptops must have Data-At-Rest (DAR) whole-disk encryption software. The NASA OCIO has directed that all Centers complete this activity by December 21, 2012. Per the Agency directive dated November 13, 2012, no NASA-issued laptops containing sensitive information may be removed from a NASA facility unless DAR encryption software is enabled OR any sensitive files are individually encrypted (using Entrust PKI).” 

Recommendation to Fund and Deploy Agency Data-at-Rest (DAR) Solution, NASA CIO, 21 Feburary 2008

“Based on an evaluation of NASA’s requirements for encryption of data at rest and of the solutions currently available, I recommend that your office fund the implementation and deployment of an integrated, interoperable NASA DAR solution in the amount of $2.0M for Fiscal Year 2008. Details of the recommended solution, based on McAfee’s Safeboot product suite, and the evaluation that produced this recommendation are in the attached presentation.”

Keith’s note: Looks like there was direction executed within the CIO in early 2008 – before the current CIO even arrived on the job. Four years later and NASA is only getting around to taking its own decisions seriously. Note: there is no date on this PDF file but it was created on 21 Feb 2008.

SpaceRef co-founder, Explorers Club Fellow, ex-NASA, Away Teams, Journalist, Space & Astrobiology, Lapsed climber.