Where every client is a top priority, and our service always exceeds expectations...
A Service Disabled Veteran Owned Business

Information Technology Security Plan

National Aeronautics and Space Administration
Headquarters

NASAProtection Strategies Incorporated (PSI), through a contract with Eagle Technologies Incorporated (ETI), developed the Information Technology (IT) Security Plan for the Headquarters Integrated Security System (HISS) located at the National Aeronautics and Space Administration (NASA) Headquarters in Washington, DC.

The IT Security Plan provides guidance for ensuring protection of NASA Headquarters IT resources. IT resources included, but were not limited to, computers, networks, telecommunication systems, applications, data and information. Informational areas that are documented in the IT Plan provide:

  • An overview of the security requirements of major applications or general support systems, and describes the controls in place, or planned, for meeting those requirements;
  • A delineated set of responsibilities and expected behaviors of all individuals who access the system;
  • Planning for security throughout the life cycle of a system – from project initiation through its disposal;
  • A secure computing environment based on managing risks at an appropriate level. Security controls commensurate with the magnitude of impact resulting from the loss, misuse, inability to assess, unauthorized access to, or modification of information to the system. A risk-based approach to security promotes using limited resources wisely to protect the most critical systems and information in a cost-effective manner.

The identification of common symptoms of computer security incidents related to computer files, user accounts, application software, physical areas, and viruses were identified by category in the IT Plan, along with the appropriate responses to the identified incidents.

Procedures were developed to permit NASA Headquarters to continue essential functions if information technology support is interrupted. These procedures (contingency plans, business interruption plans, and continuity of operations plans) required coordination with the backup, contingency, and recovery plans of other systems, including networks used by the application. The contingency plans ensure that interfacing systems are identified and contingency/disaster planning is coordinated.


    Copyright © 2011 Protection Strategies Incorporated  •   Disclaimer  |  Privacy Policy  .