(The Hosting News) – NASA auditors of the space agency’s cloud efforts have a message: There’s much need for improvement.
The annual audit report was issued late last month, noting that the space agency’s move to the cloud had the “potential to improve IT service delivery and reduce the costs associated with managing NASA’s diverse IT portfolio.”
So exactly where did NASA receive a failing grade? “We found that weaknesses in NASA’s IT governance and risk management practices have impeded the Agency from fully realizing the benefits of cloud computing and potentially put NASA systems and data stored in the cloud at risk,” explained the audit report.
Meanwhile, auditors also found NASA’s acquisition of securing of public cloud services to be “ineffective,” with the investigators saying that none of five NASA contracts met “best practices for securing data.”
The negative report follows NASA’s shutdown of cloud platform Nebula last year, something that was initially set up by the agency in 2009.
To combat problems, auditors suggested that NASA strengthen its governance of cloud computing along with compiling a full inventory of its cloud service providers – something that would ensure the agency meets a requirement to use FedRAMP-approved companies.
“As NASA expands its use of public cloud services, it is imperative that the Agency strengthen its governance and risk management practices to mitigate the chance that Agency operations may be disrupted, data lost, or public funds misused,” the report went on to say. To view the audit report in its entirety, go here (oig.nasa.gov).