Upload
sandra4211
View
2.808
Download
5
Embed Size (px)
DESCRIPTION
Citation preview
NASA HeadquartersNASA Headquarters
New Employee IT OrientationNew Employee IT Orientation
September 11, 2008 2
AgendaAgenda
• Information Technology OverviewInformation Technology Overview• Desktop SupportDesktop Support• IT Services IT Services • Commonly Used HQ Wide Commonly Used HQ Wide
ApplicationsApplications• 358-HELP Services358-HELP Services• HQ Appropriate Use PolicyHQ Appropriate Use Policy
& IT Security Awareness Training& IT Security Awareness Training• ConclusionConclusion
Information Technology Information Technology OverviewOverview
September 11, 2008 4
September 11, 2008 5
Office of Institutions and Office of Institutions and ManagementManagement
September 11, 2008 6
HEADQUARTERS INFORMATION TECHNOLOGYAND COMMUNICATIONS DIVISION
Les Newell, Director/HQCIOVictor. Thompson, Deputy Dir./CIO
Systems, Operations & Engineering Branch
Dennis Groth
Customer Services Branch
Jeffrey Hall
Computer OperationsMike Barrett, Telecommunications SpecialistVACANT, IT Spec-SYSADM
Engineering ServicesSam Ramos, IT Specialist-Engineer
Software Applications Services Linda Hong, IT Specialist - APPSW Bobby Culp, IT Specialist Brian McCall, IT Specialist - INET
Service Management Joan Verbeck, IT Specialist-CUSTSPT. VACANT, IT Specialist-CUSTSPT. Elaine Bowman, IT Specialist-CUSTSPT.
Security Services Scott Oglesby, IT Specialist-INFOSEC Gregg Kerr, IT Specialist-INFOSEC Andy Boncek, IT Specialist-INFOSEC Mary Shouse, Management Analyst
Andrew Schain, CTO/Enterprise ArchitectGretchen Davidian, IT Project ManagerSharon Washington, Staff Support Asst.Ray Johnston, Capital Plng & Investment Control
Equipment, Maintenance, & Management Jeff. Anderson, IT Specialist-Asset Mgmt.
Printing and Design Michael Crnkovic, Printing Officer Stan Artis, Asst. Printing Officer Tom Powers, Visual Information Specialist Carl Paul, Clerk
September 11, 2008 7
HQ Information TechnologyHQ Information Technology& Communications Division & Communications Division
• Mission:Mission:– Provide IT and communications services Provide IT and communications services
for NASA Headquarters employeesfor NASA Headquarters employees
– Use innovative solutions to increase the Use innovative solutions to increase the productivity of NASA HQ employees while productivity of NASA HQ employees while achieving the highest levels of customer achieving the highest levels of customer serviceservice
– Manage and deploy cost-effective Manage and deploy cost-effective solutions into the HQ IT environmentsolutions into the HQ IT environment
September 11, 2008 8
Employee IT ResponsibilitiesEmployee IT Responsibilities
• Fill out Account Administration Forms Fill out Account Administration Forms (252)(252)
• Follow the “Appropriate Use” Policy in the performance Follow the “Appropriate Use” Policy in the performance of your dutiesof your duties
• Maintain your own Directory recordMaintain your own Directory record• Update Emergency Notification System (ENS) or sign Update Emergency Notification System (ENS) or sign
waiverwaiver• Back up your hard drive (C:) Back up your hard drive (C:) • Obtain annual IT security trainingObtain annual IT security training• Call IT Help Desk at 358-HELP (4357) for all IT services, Call IT Help Desk at 358-HELP (4357) for all IT services,
problems, and other needsproblems, and other needs• Consult with your IT Point-of-Contact (POC) for questions Consult with your IT Point-of-Contact (POC) for questions
and requirements that cannot be handled by the Help and requirements that cannot be handled by the Help DeskDesk
September 11, 2008 9
Communication with HQ Communication with HQ EmployeesEmployees
• ITCD Web Site: http://www.hq.nasa.gov/itcdITCD Web Site: http://www.hq.nasa.gov/itcd• Electronic NotificationElectronic Notification
• IT Notices (as needed)IT Notices (as needed)• Heads Up (Tuesdays & Thursdays)Heads Up (Tuesdays & Thursdays)
• Information Technology Exchanges (ITE)Information Technology Exchanges (ITE)• Customer Advisory Committee (CAC) MeetingsCustomer Advisory Committee (CAC) Meetings• IT POCsIT POCs
– Customer Service Project Reviews (CSPR)Customer Service Project Reviews (CSPR)
September 11, 2008 10
HQs IT Infrastructure OverviewHQs IT Infrastructure Overview
FirewallInternet
Work Stations Mac/PC
Servers
September 11, 2008 12
Standard Desktop HardwareStandard Desktop Hardware
• Windows XP computersWindows XP computers– DesktopDesktop– Laptop with docking stationLaptop with docking station– Lightweight Laptop with docking stationLightweight Laptop with docking station– TabletsTablets
• Apple (Macintosh OS X)Apple (Macintosh OS X) – DesktopDesktop– Laptop with docking stationLaptop with docking station– Lightweight Laptop with docking stationLightweight Laptop with docking station
September 11, 2008 13
Standard Desktop SoftwareStandard Desktop Software
• MS Office Suite 2003 & Macintosh Office MS Office Suite 2003 & Macintosh Office 20042004
• Electronic mail and calendaring Electronic mail and calendaring – NASA Operational Messaging and Directory NASA Operational Messaging and Directory
Service (NOMAD) Outlook and EntourageService (NOMAD) Outlook and Entourage• Web Browser Web Browser
– Internet Explorer (PC)Internet Explorer (PC)– Firefox, Safari (Mac)Firefox, Safari (Mac)
• Acrobat Reader and Plug-InsAcrobat Reader and Plug-Ins
September 11, 2008 14
Network PrintersNetwork Printers
• Printers are located within the departments for Printers are located within the departments for everyday workeveryday work
• Color printers available throughout the building Color printers available throughout the building and in the User Resource Center (URC)and in the User Resource Center (URC)
• Printing facility located on C LevelPrinting facility located on C Level– For high-volume printing requirementsFor high-volume printing requirements
• If you have any questions call the IT Help Desk If you have any questions call the IT Help Desk at 358-HELP (4357)at 358-HELP (4357)
• Color printers are 18 times more expensive Color printers are 18 times more expensive than b/w printersthan b/w printers
September 11, 2008 15
• Local hard driveLocal hard drive– C: Drive (PC) or Macintosh HDC: Drive (PC) or Macintosh HD– Back up your hard drive Back up your hard drive
• Headquarters ServersHeadquarters Servers– For Personal foldersFor Personal folders
• T: Drive (PC) or User ID (Mac)T: Drive (PC) or User ID (Mac)– For Group foldersFor Group folders
• U: Drive (PC) or Office ID (Mac)U: Drive (PC) or Office ID (Mac)– Shared drive – all users haveShared drive – all users have
read/write/delete access read/write/delete access • X: Drive (PC) or hq_shared (Mac)X: Drive (PC) or hq_shared (Mac)
– For secured work group foldersFor secured work group folders• W: Drive (PC) or hq_groups (Mac)W: Drive (PC) or hq_groups (Mac)
StorageStorage
September 11, 2008 16
Questions?Questions?
IT ServicesIT Services
September 11, 2008 18
IT ServicesIT Services
• Video and Video and TeleconferencingTeleconferencing– Conference Room Conference Room
Setup (MIC)Setup (MIC)• Remote AccessRemote Access• Guest NetworkGuest Network• Desktop Backup and Desktop Backup and
Recovery ProgramRecovery Program• Emergency Notification Emergency Notification
System (ENS)System (ENS)• Communications Support Communications Support
Services CenterServices Center• Computer Training Computer Training
CenterCenter
• Web-Based trainingWeb-Based training• User Resource CenterUser Resource Center• Laptop Loaner PoolLaptop Loaner Pool• Software for Home UseSoftware for Home Use• Custom ApplicationsCustom Applications• Multimedia SupportMultimedia Support• Telecommunications and Telecommunications and
other servicesother services• The Business The Business
Administrative System Administrative System Office (BASO) Support Office (BASO) Support ServicesServices
• Records ManagementRecords Management• Electronic FormsElectronic Forms
September 11, 2008 19
Video and Teleconferencing Video and Teleconferencing
• ViTS (Video Teleconferencing System)ViTS (Video Teleconferencing System)– Primarily used for conferencing with other NASA centersPrimarily used for conferencing with other NASA centers
• Public facilities located on C levelPublic facilities located on C level• Other limited facilities within the departmentsOther limited facilities within the departments• Call 358-0146 or visitCall 358-0146 or visit https://intranet.hq.nasa.gov/vits/https://intranet.hq.nasa.gov/vits/
• Conference Rooms on each floorConference Rooms on each floor– On request:On request:
• Computers (PCs or MACs) and projectorsComputers (PCs or MACs) and projectors• Voice conferencing (Need bridge number) Voice conferencing (Need bridge number) • Maintained by A/V SupportMaintained by A/V Support
– https://intranet.hq.nasa.gov/FHDS/login.cfmhttps://intranet.hq.nasa.gov/FHDS/login.cfm• Additional network connections for computers attached to the Additional network connections for computers attached to the
projectorsprojectors– Always on:Always on:
• Network connectivity in Management Information Centers Network connectivity in Management Information Centers (MICs) and Program Review Center (PRC) (MICs) and Program Review Center (PRC)
• Guest Network through the Yellow Cable or wirelessGuest Network through the Yellow Cable or wireless
September 11, 2008 20
Remote AccessRemote Access
Accessing HQ IT ServicesAccessing HQ IT Services
SNA (Secure Nomadic Access)SNA (Secure Nomadic Access)https://sna.hq.nasa.gov ; requires SecurID tokenhttps://sna.hq.nasa.gov ; requires SecurID token
For more information: For more information: https://www.hq.nasa.gov/itcd/networking-sna.htmlhttps://www.hq.nasa.gov/itcd/networking-sna.html
VPN (Virtual Private Network)VPN (Virtual Private Network)Requires SecurID tokenRequires SecurID token
For More Information: For More Information:
https://www.hq.nasa.gov/itcd/networking-vpn.htmlhttps://www.hq.nasa.gov/itcd/networking-vpn.html
OWA (Outlook Web Access)OWA (Outlook Web Access)https://webmail.nasa.gov https://webmail.nasa.gov
September 11, 2008 21
Secure Nomadic Access (SNA)Secure Nomadic Access (SNA)
• SNA allows you to access:SNA allows you to access:– HQ Intranet Web PagesHQ Intranet Web Pages– NT file sharesNT file shares– WebTADSWebTADS– Travel ManagerTravel Manager
• To use SNA, you need a SecurID TokenTo use SNA, you need a SecurID Token– Issued to all new customersIssued to all new customers– If you do not have one, contact your IT POC If you do not have one, contact your IT POC
to request oneto request one
September 11, 2008 22
Virtual Private Network Virtual Private Network (VPN)(VPN)
• VPN allows you to access:VPN allows you to access:– HQ Intranet Web PagesHQ Intranet Web Pages– Shared DrivesShared Drives– Outlook e-mail and calendaringOutlook e-mail and calendaring– Shared applications (WebTADS, Travel Manager, Shared applications (WebTADS, Travel Manager,
PIMS, etc.)PIMS, etc.)
• To use VPN, you need:To use VPN, you need:– SecurID TokenSecurID Token– NASA HQ Issued Laptop ComputerNASA HQ Issued Laptop Computer– Access to a VPN capable high speed internet Access to a VPN capable high speed internet
connection connection
September 11, 2008 24
Wireless for HQ UsersWireless for HQ Users
• The NASA HQ Wireless network is available on all floors The NASA HQ Wireless network is available on all floors of the NASA Headquarters building of the NASA Headquarters building
• Use the Use the private HQ networkprivate HQ network if you intend to access if you intend to access internal NASA Headquarters resources. internal NASA Headquarters resources.
• Wireless access is available in general office areas and Wireless access is available in general office areas and conference rooms, the Library, and Auditorium.conference rooms, the Library, and Auditorium.
• To use this network you must have an RSA token issued To use this network you must have an RSA token issued by NASA Headquarters or by a NASA Center that NASA by NASA Headquarters or by a NASA Center that NASA
Headquarters is configured to recognize. Headquarters is configured to recognize. • Visit: http://wireless.hq.nasa.gov/userguides.htmVisit: http://wireless.hq.nasa.gov/userguides.htm
September 11, 2008 25
NASA HQ Guest NetworkNASA HQ Guest Network
• Wired and Wireless accessWired and Wireless access– Wired access is available in most conference Wired access is available in most conference
roomsrooms– Look for the yellow network cable labeled Look for the yellow network cable labeled
"NASA Headquarters Guest Network“"NASA Headquarters Guest Network“• Guest Network provides basic Web, VPN, Guest Network provides basic Web, VPN,
and E-mail accessand E-mail access• Printing is allowed to select printers Printing is allowed to select printers
inside the NASA Headquarters building inside the NASA Headquarters building
September 11, 2008 26
NASA HQ Guest NetworkNASA HQ Guest Network
• You must obtain a user name and password You must obtain a user name and password and authenticate using a Web browser to use and authenticate using a Web browser to use the Guest Networkthe Guest Network
• You may obtain a user name and password You may obtain a user name and password from the following locations: from the following locations: – HQ LibraryHQ Library– From each organizations' IT POCFrom each organizations' IT POC– From the User Resource Center (URC) located in From the User Resource Center (URC) located in
CX42 CX42 – By having your sponsor obtain them at By having your sponsor obtain them at
http://wireless.hq.nasa.gov/ to obtain credentials and http://wireless.hq.nasa.gov/ to obtain credentials and instructionsinstructions
September 11, 2008 28
Desktop Backup and Recovery Desktop Backup and Recovery ProgramProgram
• Data backup occurs nightlyData backup occurs nightly– All applications must be closedAll applications must be closed– Your computer must be restarted prior to leaving for Your computer must be restarted prior to leaving for
the day and connected to the NASA networkthe day and connected to the NASA network– You should not log inYou should not log in– Laptop users should leave their computers on and Laptop users should leave their computers on and
docked at least once per week if they desire backup docked at least once per week if they desire backup servicesservices
• Disaster recovery service is not intended for Disaster recovery service is not intended for recovery of individual “lost” filesrecovery of individual “lost” files
September 11, 2008 29
Desktop Backup (continued)Desktop Backup (continued)
• Selected Folders and Files that are Backed UpSelected Folders and Files that are Backed Up– Windows XP computers:Windows XP computers:
• Local PST file (e-mail file containing stored messages Local PST file (e-mail file containing stored messages and attachments)and attachments)
• Browser bookmarksBrowser bookmarks• Desktop itemsDesktop items
– Macintosh computers:Macintosh computers:• Entourage e-mail file (local e-mail file storage, Entourage e-mail file (local e-mail file storage,
messages and attachments)messages and attachments)• Contents of Documents folderContents of Documents folder• Desktop itemsDesktop items• Browser bookmarksBrowser bookmarks• KeychainsKeychains• PreferencesPreferences
September 11, 2008 30
How to Check Your Backup How to Check Your Backup Status Status
• Windows XP Users:Windows XP Users:– StartStart– ProgramsPrograms– Tivoli Storage ManagerTivoli Storage Manager– Desktop Recovery StatusDesktop Recovery Status
• Macintosh Users:Macintosh Users:– ApplicationsApplications– Tivoli Storage ManagerTivoli Storage Manager– Desktop Recovery StatusDesktop Recovery Status
September 11, 2008 32
Emergency Notification System Emergency Notification System (ENS)(ENS)
• The The EEmergency mergency NNotification otification SSystem (ENS) is a NASA HQ-wide tool used to ystem (ENS) is a NASA HQ-wide tool used to alert personnel of critical emergency information.alert personnel of critical emergency information.
• The ENS is an easy and secure way to help ensure your safety. In a crisis The ENS is an easy and secure way to help ensure your safety. In a crisis emergency, the ENS can deliver life-saving information or warnings.emergency, the ENS can deliver life-saving information or warnings.
• The ENS is easy to use, but you must register for it to work fully.The ENS is easy to use, but you must register for it to work fully.– Work numbers are entered by default.Work numbers are entered by default.– You must provide your personal contact information to enable ENS to work fully.You must provide your personal contact information to enable ENS to work fully.– Periodically login to ensure your information is correct and up to date.Periodically login to ensure your information is correct and up to date.
• During a critical building emergency or for National Capital Region-wide During a critical building emergency or for National Capital Region-wide emergencies, the ENS will be activated.emergencies, the ENS will be activated.
• After reviewing the Privacy Act Statement for the use of ENS, if you After reviewing the Privacy Act Statement for the use of ENS, if you decide you do not want to provide your personal information, you must decide you do not want to provide your personal information, you must sign and return the “Waiver for Participation in the NASA Headquarters sign and return the “Waiver for Participation in the NASA Headquarters Emergency Notification System”.Emergency Notification System”.
September 11, 2008 33
Communications Support Communications Support Services Center (CSSC)Services Center (CSSC)
• Web DesignWeb Design• Graphic DesignGraphic Design• Exhibit DesignExhibit Design• Multimedia DesignMultimedia Design• AnimationAnimation• Creative WritingCreative Writing• EditingEditing• Document ServicesDocument Services• Duplication ServicesDuplication Services• Printing ServicesPrinting Services
HoursHours - Monday through Friday, 8:00 a.m to 4:30 p.m.EST ( - Monday through Friday, 8:00 a.m to 4:30 p.m.EST (excluding excluding Holidays)Holidays)
LocationLocation - Room CL78 - Room CL78TelephoneTelephone - 202-358-0630 - 202-358-0630 Visit http://cssc.hq.nasa.gov/Visit http://cssc.hq.nasa.gov/
September 11, 2008 34
Computer Training CenterComputer Training Center
• Types of classesTypes of classes– Lunch and LearnsLunch and Learns– WorkshopsWorkshops– Instructor-led ClassesInstructor-led Classes– Deskside (1-on-1)Deskside (1-on-1)
• Examples of trainingExamples of training– Microsoft Office SuiteMicrosoft Office Suite– Outlook / EntourageOutlook / Entourage– HATSHATS
HoursHours - Monday through Friday, 8:00 a.m. to 4:30 p.m. EST - Monday through Friday, 8:00 a.m. to 4:30 p.m. EST ((excluding Holidays)excluding Holidays)
LocationLocation - Suite 3Q53 - Suite 3Q53TelephoneTelephone - 202-358-1111 - 202-358-1111Visit:Visit: hhttp://ctc.hq.nasa.gov ttp://ctc.hq.nasa.gov
September 11, 2008 35
Web Based TrainingWeb Based Training
• Attend classes online 24/7 from any location Attend classes online 24/7 from any location with Internet connectivitywith Internet connectivity
• Some classes are instructor-led at specified Some classes are instructor-led at specified dates and timesdates and times
• Register once on SATERN to access any classes Register once on SATERN to access any classes at any timeat any time– Civil Servants are automatically registeredCivil Servants are automatically registered
• For questions, or to register, contact the CTC:For questions, or to register, contact the CTC:– [email protected]@hq.nasa.gov– 358-1111358-1111– http://ctc.hq.nasa.gov http://ctc.hq.nasa.gov
September 11, 2008 36
User Resource Center User Resource Center (URC)(URC)
URC personnel provide:URC personnel provide:Walk-in technical support and services (e.g., Walk-in technical support and services (e.g., word processing; printing; scanning; creation of word processing; printing; scanning; creation of graphics; CD copying; graphics; CD copying; color printing; color printing; and dial-in and dial-in and Web accessand Web access).).HoursHours - Monday through Friday, 7:30 a.m to 5:00 p.m. - Monday through Friday, 7:30 a.m to 5:00 p.m.
EST (EST (excluding Holidays)excluding Holidays)
LocationLocation - Room CX42 - Room CX42
TelephoneTelephone - 202-358-0650 - 202-358-0650
Visit: Visit: http://www.hq.nasa.gov/itcd/user_rc.htmlhttp://www.hq.nasa.gov/itcd/user_rc.html
September 11, 2008 37
• Laptop Loaner PoolLaptop Loaner Pool– Laptop loaner requests are processedLaptop loaner requests are processed
via a call to the IT Help Desk atvia a call to the IT Help Desk at358-HELP (4357)358-HELP (4357)
– Available for check-out in 4 business hoursAvailable for check-out in 4 business hours– Standard loan of up to 2 weeksStandard loan of up to 2 weeks– Laptop loaners are configured with the standard HQ softwareLaptop loaners are configured with the standard HQ software– Above core software can be installed if it has been purchased Above core software can be installed if it has been purchased
for your seat and licensing permitsfor your seat and licensing permits– Full size and light weight PCs and full size MacsFull size and light weight PCs and full size Macs– Also available:Also available:
• Travel Printers and Zip DrivesTravel Printers and Zip Drives• Cellular PhonesCellular Phones• Domestic or International wireless PDAsDomestic or International wireless PDAs• Cingular wireless cards for laptopsCingular wireless cards for laptops
Laptop Loaner PoolLaptop Loaner Pool
September 11, 2008 39
Software For Home UseSoftware For Home Use
• Available software for home use is Microsoft Office for Available software for home use is Microsoft Office for PC and MAC, browser & plug-ins, Outlook 2003 for PC or PC and MAC, browser & plug-ins, Outlook 2003 for PC or Entourage for Mac, and anti-virusEntourage for Mac, and anti-virus– Software is for installation on one home computer onlySoftware is for installation on one home computer only
– The media must be returned to the Software Library within The media must be returned to the Software Library within one weekone week
• Call the IT Help Desk at 358-HELP (4357) to open a Call the IT Help Desk at 358-HELP (4357) to open a ticket requesting software ticket requesting software
• Customer called when software is ready, usually next Customer called when software is ready, usually next day, for pickup Monday-Friday, 9:00 a.m to 12:00 noon day, for pickup Monday-Friday, 9:00 a.m to 12:00 noon EST.EST.– You will be required to sign a Loan Agreement upon You will be required to sign a Loan Agreement upon
picking up your softwarepicking up your software
September 11, 2008 40
Custom ApplicationsCustom Applications
• Client-server, Web-based, and Client-server, Web-based, and mainframe applications supportedmainframe applications supported
• Contact your IT POC if you want to Contact your IT POC if you want to investigate a custom application.investigate a custom application.
September 11, 2008 42
TelecommunicationsTelecommunications
• TelephonesTelephones• Voice mailVoice mail• Phone credit cardPhone credit card• Cell phonesCell phones• Handheld devicesHandheld devices
September 11, 2008 43
BASO Support ServicesBASO Support Services
The The BBusiness and usiness and AAdministrative dministrative SSystem ystem OOffice ffice (BASO) (BASO) provides customerprovides customer support (e.g., Training, Support support (e.g., Training, Support Line, Web site) for the following IEM and eGovernment Line, Web site) for the following IEM and eGovernment systems at NASA:systems at NASA:– SAP R/3SAP R/3– Business Warehouse (BW)Business Warehouse (BW)– Travel ManagerTravel Manager– WebTADSWebTADS– Competency Management System (CMS)Competency Management System (CMS)– BankcardBankcard– Workforce Integrated Management System (WIMS)Workforce Integrated Management System (WIMS)
September 11, 2008 44
BASO Support ServicesBASO Support Services
BASO maintains the following resources for customer BASO maintains the following resources for customer support:support:
• BASO Support Center:BASO Support Center:– Support line can be reached at 202-358-IEMP (4367) Support line can be reached at 202-358-IEMP (4367) – Go-to computer stations for desk-side assistance are available in Go-to computer stations for desk-side assistance are available in
HQ Room 4R40HQ Room 4R40– Available Monday-Friday 8:00am-4:30pmAvailable Monday-Friday 8:00am-4:30pm
• BASO Web site (BASO Web site (http://baso.hq.nasa.gov)http://baso.hq.nasa.gov)– Contains information for IEM applications including Job Aids, FAQs, Contains information for IEM applications including Job Aids, FAQs,
online training courses, and links to access the systemsonline training courses, and links to access the systems • Customer TrainingCustomer Training
– Customers can view and sign up for all BASO instructor-led training Customers can view and sign up for all BASO instructor-led training classes via SATERNclasses via SATERN
September 11, 2008 45
Records Management ProgramRecords Management Program
The HQ Records Management Team offers assistance inThe HQ Records Management Team offers assistance inthe identification, preservation/storage, and protection ofthe identification, preservation/storage, and protection ofrecords against loss, theft, and unauthorized release or records against loss, theft, and unauthorized release or change regardless of the record format. change regardless of the record format.
HQ Records Manager: Patricia SoutherlandHQ Records Manager: Patricia Southerland(202) 358-0621(202) 358-0621Records Management Team:Records Management Team:Rhonda BenningRhonda Benning(202) 358-0148(202) 358-0148Fran TeelFran Teel(301) 286-2211 (301) 286-2211
Visit: http://www.hq.nasa.gov/itcd/records_manage.htmlVisit: http://www.hq.nasa.gov/itcd/records_manage.html
September 11, 2008 46
Electronic FormsElectronic Forms
The NASA Electronic Forms (NEF) system is a suite of The NASA Electronic Forms (NEF) system is a suite of tools used for filling out, signing, submitting, archiving, tools used for filling out, signing, submitting, archiving, and tracking electronic forms – all using your desktop and tracking electronic forms – all using your desktop computer. computer.
FORMS ADMINISTRATION TEAMFORMS ADMINISTRATION TEAM:: HQ Forms Manager: Pat SoutherlandHQ Forms Manager: Pat Southerland(202) 358-0621(202) 358-0621HITSS Forms Manager: Ellwood AnnaheimHITSS Forms Manager: Ellwood Annaheim(202) 358-0830 (202) 358-0830 HITSS Alternate Forms Manager: Kim DwyerHITSS Alternate Forms Manager: Kim Dwyer(202) 358-0830(202) 358-0830
Visit: http://www.hq.nasa.gov/itcd/eforms.htmlVisit: http://www.hq.nasa.gov/itcd/eforms.html
September 11, 2008 47
Questions?Questions?
Commonly Used Headquarters Commonly Used Headquarters Wide ApplicationsWide Applications
September 11, 2008 50
Travel ManagerTravel Manager
• Travel Manager is an automated, Web-based Travel Manager is an automated, Web-based application for requesting and approving Travel application for requesting and approving Travel Authorizations and Travel VouchersAuthorizations and Travel Vouchers
• A A NASA Form 1700NASA Form 1700 IEMP System Access RequestIEMP System Access Request must be completed and submittedmust be completed and submitted
• For additional information or Travel Manager For additional information or Travel Manager training, contact the Business and Administrative training, contact the Business and Administrative Systems Office (BASO) at 358-IEMP (4367), via e-Systems Office (BASO) at 358-IEMP (4367), via e-mail at [email protected] or visit the Web mail at [email protected] or visit the Web page at http://travel.hq.nasa.gov. BASO business page at http://travel.hq.nasa.gov. BASO business hours are Monday through Friday, 8:00am to hours are Monday through Friday, 8:00am to 4:30pm.4:30pm.
September 11, 2008 51
WebTADSWebTADS
• WebTADS is NASA HQs time and labor WebTADS is NASA HQs time and labor collection systemcollection system
• WebTADS is a Web-based application that WebTADS is a Web-based application that simplifies the recording of your labor and leave simplifies the recording of your labor and leave hours for payroll processinghours for payroll processing
• For More information call 358-IEMPFor More information call 358-IEMP
Web-based training for all HQ employees, Web-based training for all HQ employees, approvers, and POCs is available at approvers, and POCs is available at http://webtads.hq.nasa.gov/training.htm http://webtads.hq.nasa.gov/training.htm
September 11, 2008 52
• NASA Agency-wide directory NASA Agency-wide directory • Record must include full legal name from Record must include full legal name from
your official personnel records (i.e.) Patrick J. your official personnel records (i.e.) Patrick J. Jones (official)Jones (official)– Patrick, Pat, Pjones, PJ, etc. (aliases)Patrick, Pat, Pjones, PJ, etc. (aliases) – Users are responsible for keeping information Users are responsible for keeping information
currentcurrent• To change X.500, send E-mail: To change X.500, send E-mail: [email protected]@hq.nasa.gov
with correct informationwith correct information
• Web site for searching:Web site for searching:http://www.hq.nasa.gov/ihttp://www.hq.nasa.gov/itcd/x500/x500.htmltcd/x500/x500.html
X.500 Directory ServicesX.500 Directory Services
September 11, 2008 53
Global Address List (GAL)Global Address List (GAL)
• Contains name and e-mail addresses for everyone at NASAContains name and e-mail addresses for everyone at NASA
• Centers that are not on NOMAD appear with a icon, indicating an Centers that are not on NOMAD appear with a icon, indicating an “Internet” e-mail addressSeptember 11, 2008“Internet” e-mail addressSeptember 11, 2008
• Easily identify someone’s Center, Org Code, and employment statusEasily identify someone’s Center, Org Code, and employment status
• Find other contact information if available (phone numbers, office Find other contact information if available (phone numbers, office locations, job title, etc.)locations, job title, etc.)
• Public distribution list groups (DL-HQ-XXXX or DL-XXXX) and Public Public distribution list groups (DL-HQ-XXXX or DL-XXXX) and Public conference rooms (CR-HQ-XXXX) are available in one locationconference rooms (CR-HQ-XXXX) are available in one location
September 11, 2008 54
Outlook 2003 or Entourage 2004Outlook 2003 or Entourage 2004
• Headquarters calendaring and Headquarters calendaring and scheduling applicationscheduling application– Schedule meetings at HQ and send e-Schedule meetings at HQ and send e-
mail invitation to non-HQ guestsmail invitation to non-HQ guests– Set-up remindersSet-up reminders– View others’ calendars through View others’ calendars through
sharing or delegatessharing or delegates• Training availableTraining available
• Call Call 358-1111358-1111 for assistance for assistance
September 11, 2008 55
Anti-Spam/Anti-VirusAnti-Spam/Anti-Virus
• All incoming e-mail passes through the SPAM All incoming e-mail passes through the SPAM Firewall before entering NASA Headquarters e-mail Firewall before entering NASA Headquarters e-mail systemssystems
• Based on policy settings, the SPAM Firewall:Based on policy settings, the SPAM Firewall:– allows the e-mail to pass throughallows the e-mail to pass through– deletes the e-maildeletes the e-mail– or quarantines the e-mailor quarantines the e-mail
• Incoming e-mail with any of the following Incoming e-mail with any of the following characteristics is deleted:characteristics is deleted:– contains a known viruscontains a known virus– contains file attachments with known Microsoft-OS contains file attachments with known Microsoft-OS
executable file extensionsexecutable file extensions– is sent from an Internet domain whose sole intent is is sent from an Internet domain whose sole intent is
known to be the generation of unsolicited junk e-mailknown to be the generation of unsolicited junk e-mail
September 11, 2008 56
Anti-Spam/Anti-Virus Cont’dAnti-Spam/Anti-Virus Cont’d
• Incoming e-mail that has a high probability of being Incoming e-mail that has a high probability of being unsolicited junk e-mail is quarantined:unsolicited junk e-mail is quarantined:– This prevents e-mail from cluttering up your e-mail in-box This prevents e-mail from cluttering up your e-mail in-box
or handheld deviceor handheld device
– You will receive regular e-mail notifications about your e-You will receive regular e-mail notifications about your e-mail being held in the quarantine, and will be able to mail being held in the quarantine, and will be able to retrieve or delete these messages yourselfretrieve or delete these messages yourself
• You can “train” the SPAM Firewall when it makes a You can “train” the SPAM Firewall when it makes a mistakemistake– specify Internet addresses or domain names that should specify Internet addresses or domain names that should
always be able to send you mail (“Safe Sender”)always be able to send you mail (“Safe Sender”)
– or addresses or domains that should never be able to send or addresses or domains that should never be able to send you mail (“Blocked Sender”)you mail (“Blocked Sender”)
September 11, 2008 57
User DigestUser Digest
September 11, 2008 58
Junk Mail FolderJunk Mail Folder
• It is impossible to stop ALL SPAM It is impossible to stop ALL SPAM
• Should a piece of SPAM pass through the SPAM Should a piece of SPAM pass through the SPAM Firewall and arrive in your Outlook/Entourage inbox, Firewall and arrive in your Outlook/Entourage inbox, you can use the built in SPAM filters in Outlook and you can use the built in SPAM filters in Outlook and Entourage to “train” these programs to further Entourage to “train” these programs to further reduce the amount of SPAM you receivereduce the amount of SPAM you receive
• Outlook/Entourage SPAM filters can be trained to Outlook/Entourage SPAM filters can be trained to stop almost 99.9% of all SPAMstop almost 99.9% of all SPAM– Tools, Options, Preferences, Junk E-Mail… in OutlookTools, Options, Preferences, Junk E-Mail… in Outlook
– Tools, Junk E-Mail Protection… in EntourageTools, Junk E-Mail Protection… in Entourage
September 11, 2008 59
Junk Mail Folder Cont’dJunk Mail Folder Cont’d
• Set the level of protection you want:Set the level of protection you want:– Low, catches the most obvious Junk mailLow, catches the most obvious Junk mail– High, catches most junk mail, but may also trap legitimate messagesHigh, catches most junk mail, but may also trap legitimate messages– Safe Lists Only/Exclusive, only allows messages from people/domains you Safe Lists Only/Exclusive, only allows messages from people/domains you
designate as safe, or from your Address Book/Contacts; all other mail goes designate as safe, or from your Address Book/Contacts; all other mail goes directly to the Junk Mail folderdirectly to the Junk Mail folder
• You can “train” this SPAM filter in Outlook and Entourage when it You can “train” this SPAM filter in Outlook and Entourage when it makes a mistakemakes a mistake– Outlook:Outlook:
• In the Junk Mail Folder….right-click…Mark as Not JunkIn the Junk Mail Folder….right-click…Mark as Not Junk• In Inbox, right-click…. Add Sender to Blocked Senders ListIn Inbox, right-click…. Add Sender to Blocked Senders List
– Entourage:Entourage:• In the Junk Mail Folder, select the message(s), click on Message, Mark as In the Junk Mail Folder, select the message(s), click on Message, Mark as
Not JunkNot Junk• In the Inbox, select the message(s), click on Message, Mark as JunkIn the Inbox, select the message(s), click on Message, Mark as Junk
September 11, 2008 60
Anti-Spam/Anti-VirusAnti-Spam/Anti-VirusAdditional ResourcesAdditional Resources
• Anti-spam/Anti-virus service Anti-spam/Anti-virus service information : information : http://http://www.hq.nasa.gov/itcd/antispam.htmlwww.hq.nasa.gov/itcd/antispam.html
• Contact the IT Help Desk for Contact the IT Help Desk for assistance. (358-HELP)assistance. (358-HELP)
September 11, 2008 61
Types of CalendarsTypes of Calendars
• Personal-businessPersonal-business– Individuals’ personal-Individuals’ personal-
business schedulebusiness schedule
• Resource Resource (Functional)(Functional)– Conference RoomConference Room– Activities CalendarActivities Calendar
September 11, 2008 65
Calendar Idiosyncrasies – Calendar Idiosyncrasies – Changing A MeetingChanging A Meeting
• Changing A MeetingChanging A Meeting– Always choose Send UpdateAlways choose Send Update– If you choose Save & Close, you will be If you choose Save & Close, you will be
prompted to send updateprompted to send update– Save & Close Save & Close ONLYONLY updates your own updates your own
calendar, not those of meeting calendar, not those of meeting attendees!attendees!
September 11, 2008 66
Calendar Idiosyncrasies – Calendar Idiosyncrasies – Canceling A MeetingCanceling A Meeting
• Always send a cancellation noticeAlways send a cancellation notice– If you Delete without sending a cancellation, If you Delete without sending a cancellation,
ONLYONLY your own calendar will be updated, your own calendar will be updated, not those of meeting attendees!not those of meeting attendees!
September 11, 2008 67
Calendar Idiosyncrasies – Calendar Idiosyncrasies – Disappearing MeetingsDisappearing Meetings
• If you access your If you access your account on more than one account on more than one computer (via Outlook, computer (via Outlook, OWA, or Citrix) and OWA, or Citrix) and accept a meeting on one, accept a meeting on one, do notdo not delete the delete the invitation on the other(s). invitation on the other(s).
• Doing so could remove Doing so could remove the meeting from your the meeting from your calendar!calendar!
September 11, 2008 68
Calendar Idiosyncrasies – The Calendar Idiosyncrasies – The “Sniffer”“Sniffer”
• Always accept meeting Always accept meeting invitations from your invitations from your InboxInbox
• Outlook uses the “Sniffer” to Outlook uses the “Sniffer” to place an invitation tentatively place an invitation tentatively on your calendar until you on your calendar until you accept.accept.
• The Sniffer does The Sniffer does notnot send a send a response to the organizer – response to the organizer – only you can do that by only you can do that by clicking Accept, Tentative, or clicking Accept, Tentative, or Decline.Decline.
September 11, 2008 69
Calendar Idiosyncrasies – Calendar Idiosyncrasies – Inviting OthersInviting Others
• If you know of another who should If you know of another who should attend a meeting for which you are attend a meeting for which you are notnot the organizerthe organizer– Send the organizer an e-mail or call them to Send the organizer an e-mail or call them to
let them knowlet them know– Do notDo not forward the invitation – forwarding forward the invitation – forwarding
does does notnot update the invitation for everyone! update the invitation for everyone!
September 11, 2008 70
Additional ApplicationsAdditional Applications
• The Check In Check Out (The Check In Check Out (CICOCICO) System) System
– Web-based approval mechanism for NHQ 224 Web-based approval mechanism for NHQ 224 (System Access Request) that routes request (System Access Request) that routes request through approval cyclethrough approval cycle
• IT&CD Work Management System (IT&CD Work Management System (IWMSIWMS))
– Web-based application designed to manage the Web-based application designed to manage the IT Service Request (SR) process at HQIT Service Request (SR) process at HQ
• PKI EntrustPKI Entrust for encrypting e-mail for encrypting e-mail
– PGP for encrypting outside of NASAPGP for encrypting outside of NASA
September 11, 2008 71
IT Help Desk IT Help Desk (Option 1 @ 358-HELP) (Option 1 @ 358-HELP)
• Report ProblemsReport Problems – Call Call 358-HELP (4357)358-HELP (4357) or (Toll free) 1-866-4NASAHQ or (Toll free) 1-866-4NASAHQ
(462-7247) (462-7247) – E-mail: E-mail: [email protected]@hq.nasa.gov
• Give detail of problem or requestGive detail of problem or request– Visit Visit
http://www.odin.lmit.com/hq/helpdesk.htmlhttp://www.odin.lmit.com/hq/helpdesk.html • Open ticket on-line Open ticket on-line • Check status of existing ticketCheck status of existing ticket
• NASA IT Central Help Desk is staffed 24x7x365NASA IT Central Help Desk is staffed 24x7x365
September 11, 2008 72
Standard Help Desk Response Standard Help Desk Response TimesTimes
• 8 business hours to fix problem8 business hours to fix problem– Please respond to IT Help Desk when contactedPlease respond to IT Help Desk when contacted
• 30 minutes to respond to a “work stoppage” 30 minutes to respond to a “work stoppage” – 2 hours to return to service2 hours to return to service– Your office may be charged $150+Your office may be charged $150+
• Please fill out customer survey for all closed Please fill out customer survey for all closed ticketstickets
• If you do not get the support you need:If you do not get the support you need:– Ask Help Desk to escalate your requirementAsk Help Desk to escalate your requirement– Or call/e-mail Customer Services BranchOr call/e-mail Customer Services Branch
September 11, 2008 74
Press 4 AV Conferencing & Support
Mail ServicesReceiving & Inspection
VITS SchedulingLibrary Services
Press 6 Communications Support
Services Center
NASA HQ Office of Operations NASA HQ Office of Operations Help LineHelp Line
Press 1 Computer HelpTeleconferencingADP ServicesXerox Services
Press 3LocksmithFacilities & Safety HazardsMove Services
Press 2 IEMP Password ResetsPayrollWebTADSTravel Manager
Press 5 CI TravelPassport
Parking Permits & Transit Subsidies
Nations Bank Government CardGarage & Government Vehicles
Press 7 Badging Office
Press 8 Password Resets
September 11, 2008 75
Questions?Questions?
BreakBreak
Sensitive Information Protection Sensitive Information Protection Awareness TrainingAwareness Training
September 11, 2008 78
• Office of Management & Budget (OMB) memo M-06-16 (Appendix B in handout) required Agencies to take 4 actions with respect to Personally Identifiable Information (PII):
– Encrypt data on mobile computers– Require 2-factor (token/SmartCard) authentication for remote
access (Implemented at HQ)– Implement “time-out” limits after 30 minutes
of inactivity (Implemented at HQ)– Track/Log all computer-readable extracts of PII data from
databases, and erase within 90 days (unless still needed).• Emphasis on sensitive information that is either:
– Accessed remotely– Physically transported outside of Agency’s facility
• Incident reporting requirement of 1 hour from time of discovery• NASA and the Federal Government already have applicable penalties
of written reprimand to removal for 1st time offenders, 1 to 3 days suspension or removal for 2nd offenses and 7 days suspension to removal for 3rd offense. Federal consequences include fines of $3000.00.
1
What and Why?What and Why?
September 11, 2008 79
Personally Identifiable Information (PII)Personally Identifiable Information (PII)
• Any information that identifies or can be used to identify, contact, or Any information that identifies or can be used to identify, contact, or locate the person to whom such information pertains. locate the person to whom such information pertains.
• This includes information that is used in a way that is personally This includes information that is used in a way that is personally identifiable, including linking it with identifiable information from other identifiable, including linking it with identifiable information from other sources, or from which other personally identifiable information can sources, or from which other personally identifiable information can easily be derived, including, but not limited to, name, address, phone easily be derived, including, but not limited to, name, address, phone number, fax number, e-mail address, demographic information such as number, fax number, e-mail address, demographic information such as age, income, and zip code, financial profiles, social security number, age, income, and zip code, financial profiles, social security number, and credit card information. and credit card information.
• To the extent unique information (which by itself is not Personally To the extent unique information (which by itself is not Personally Identifiable Information) such as a personal profile, unique identifier, Identifiable Information) such as a personal profile, unique identifier, biometric information, and IP address is associated with Personally biometric information, and IP address is associated with Personally Identifiable Information, then such unique information is also Identifiable Information, then such unique information is also considered Personally Identifiable Information. considered Personally Identifiable Information.
• Personally Identifiable Information does not include information that is Personally Identifiable Information does not include information that is collected anonymously (i.e., without identification of the individual collected anonymously (i.e., without identification of the individual user) or demographic information not connected to an identified user) or demographic information not connected to an identified individual.individual.
2
What is PII?What is PII?
September 11, 2008 80
• Laptops and external hard drives are Laptops and external hard drives are required to use the following required to use the following mechanisms to protect PII on the mechanisms to protect PII on the desktop and laptop:desktop and laptop:
– PC: Entrust ICEPC: Entrust ICE
– Mac: File Vault Mac: File Vault
• Entrust is the Agency tool for e-mail Entrust is the Agency tool for e-mail encryption. Mac customers will need encryption. Mac customers will need Entrust to encrypt/un-encrypt e-mails.Entrust to encrypt/un-encrypt e-mails.
3
Agency SolutionAgency Solution
September 11, 2008 81
EntrustEntrust
• Entrust is a family of products that allow you to Entrust is a family of products that allow you to encrypt and digitally sign documents. encrypt and digitally sign documents.
• You can encrypt documents for yourself or for You can encrypt documents for yourself or for sending to someone else. sending to someone else.
• In order to use Entrust:In order to use Entrust:– The workstation software must be installed on your The workstation software must be installed on your
computer. computer. – You must be issued a digital certificate by the You must be issued a digital certificate by the
Registration Authority. Registration Authority. – You must have an Entrust profile created and stored You must have an Entrust profile created and stored
on the hard drive of your computer. on the hard drive of your computer. View: http://www.hq.nasa.gov/itcd/itsecurity/pki_entrust.htmlView: http://www.hq.nasa.gov/itcd/itsecurity/pki_entrust.html
HQ Appropriate Use PolicyHQ Appropriate Use Policyand IT Security Awareness and IT Security Awareness TrainingTraining
September 11, 2008 83
Use Of NASA IT ResourcesUse Of NASA IT Resources
• NASA IT Resources are for OFFICIAL BUSINESS and NASA IT Resources are for OFFICIAL BUSINESS and other less formal authorized activities.other less formal authorized activities.
• Limited personal use is permitted provided:Limited personal use is permitted provided:– It does not interfere with NASA missions or It does not interfere with NASA missions or
operations.operations.– It does not affect employee productivity.It does not affect employee productivity.– It does not incur additional expense to the It does not incur additional expense to the
Government.Government.– It does not violate the Standards of Ethical It does not violate the Standards of Ethical
Conduct for Employees of the Executive Branch (5 Conduct for Employees of the Executive Branch (5 CFR 2635)CFR 2635)
September 11, 2008 84
• Any activity or exchange, which would Any activity or exchange, which would violate federal, state, or local laws, violate federal, state, or local laws, regulations, or policies.regulations, or policies.
• Operating a private business, consulting, or Operating a private business, consulting, or sale of goods and services.sale of goods and services.
IT Prohibited PracticesIT Prohibited Practices
September 11, 2008 85
• Outside fund-raising, endorsement, Outside fund-raising, endorsement, lobbying, or participation in prohibited lobbying, or participation in prohibited partisan political activity.partisan political activity.
• Creation, downloading, viewing, storage, Creation, downloading, viewing, storage, copying, or transmission of sexually explicit copying, or transmission of sexually explicit material or materials related to gambling, material or materials related to gambling, illegal weapons, terrorist activity, or illegal weapons, terrorist activity, or controlled substances.controlled substances.
IT Prohibited Practices IT Prohibited Practices (cont.)(cont.)
September 11, 2008 86
• Creation, copying, transmission/re-Creation, copying, transmission/re-transmission of chain letters or other transmission of chain letters or other unauthorized mass mailings.unauthorized mass mailings.
• Transmission of profane, obscene, abusive, Transmission of profane, obscene, abusive, offensive, or harassing statements offensive, or harassing statements including disparagement of others based on including disparagement of others based on race, national origin, sex, sexual race, national origin, sex, sexual orientation, age, disability, religion, political orientation, age, disability, religion, political beliefs, or political affiliation.beliefs, or political affiliation.
IT Prohibited Practices IT Prohibited Practices (cont.)(cont.)
September 11, 2008 87
• Circumventing or disabling IT Security Circumventing or disabling IT Security measures such as anti-virus software or measures such as anti-virus software or attempting to deprive authorized users attempting to deprive authorized users access to a resource.access to a resource.
• Illegal or unauthorized entry into or Illegal or unauthorized entry into or modification, destruction, manipulation, or modification, destruction, manipulation, or denial of access to information residing on ANY denial of access to information residing on ANY information system.information system.
IT Prohibited Practices IT Prohibited Practices (cont.)(cont.)
September 11, 2008 88
IT Prohibited Practices IT Prohibited Practices (cont.)(cont.)
• Downloading, installing, or running programs or Downloading, installing, or running programs or utilities that may expose or exploit weaknesses utilities that may expose or exploit weaknesses in system security without express permission in system security without express permission of Headquarters CIO.of Headquarters CIO.
• Posting NASA or other information to Posting NASA or other information to newsgroups, bulletin boards or other public newsgroups, bulletin boards or other public forums without authority.forums without authority.
September 11, 2008 89
• Use of a NASA computer system in any way Use of a NASA computer system in any way that might be interpreted as an attempt to that might be interpreted as an attempt to influence a member of Congress regarding influence a member of Congress regarding legislation or appropriation.legislation or appropriation.
• Loading software or moves, additions, Loading software or moves, additions, alterations, or replacement of any HQ alterations, or replacement of any HQ computers, network connections cable plant, or computers, network connections cable plant, or other IT resources without express permission other IT resources without express permission of Headquarters CIO.of Headquarters CIO.
IT Prohibited Practices IT Prohibited Practices (cont.)(cont.)
September 11, 2008 90
IT Prohibited Practices IT Prohibited Practices (cont.)(cont.)
• Unauthorized acquisition, use, Unauthorized acquisition, use, reproduction, transmission, or reproduction, transmission, or distribution of any controlled information distribution of any controlled information that includes privacy act, copyrighted, that includes privacy act, copyrighted, trade marked, or material with other trade marked, or material with other intellectual property rights; proprietary intellectual property rights; proprietary data; or export controlled information. data; or export controlled information.
September 11, 2008 91
A Good Rule Of ThumbA Good Rule Of Thumb
Ask yourself: Ask yourself:
Would I be using Government Would I be using Government resources like this if my resources like this if my supervisor or the NASA supervisor or the NASA administrator was looking over administrator was looking over my shoulder? my shoulder?
If the answer is no, thenIf the answer is no, thenyou should refrain from the you should refrain from the activity in your work place.activity in your work place.
September 11, 2008 92
All Web site traffic is All Web site traffic is monitored!monitored!
September 11, 2008 93
• Must be at least 12 characters long.Must be at least 12 characters long.• Must contain at least one alpha, one numeric, and one Must contain at least one alpha, one numeric, and one
special character.special character.• Must not contain any form of your name, user-id, birth Must not contain any form of your name, user-id, birth
date, family member name, personal information, date, family member name, personal information, dictionary words, NASA project or Organization name, dictionary words, NASA project or Organization name, vendor product, sports team names, vehicle names, etc.vendor product, sports team names, vehicle names, etc.
• You may not reuse any of your previous You may not reuse any of your previous 2424 passwords. passwords.• If you must write it down – LOCK IT UP!If you must write it down – LOCK IT UP!• Passwords must be changed every 60 days.Passwords must be changed every 60 days.• Don’t wait until it expires to change it.Don’t wait until it expires to change it.• For password resets or assistance, call 358-HELP.For password resets or assistance, call 358-HELP.
Password ProceduresPassword Procedures
September 11, 2008 94
Social EngineeringSocial Engineering
• Hackers use of lies, impersonation, tricks, Hackers use of lies, impersonation, tricks, bribes, threats, or blackmail to gain the bribes, threats, or blackmail to gain the information required to attack information information required to attack information systems.systems.
• Don’t ever provide any information over the Don’t ever provide any information over the phone or via e-mail concerning yourself or your phone or via e-mail concerning yourself or your computer unless you are absolutely certain of computer unless you are absolutely certain of the identity of the solicitor.the identity of the solicitor.
• NEVER PROVIDE YOUR PASSWORD TO NEVER PROVIDE YOUR PASSWORD TO ANYONE!ANYONE!
September 11, 2008 95
Basic IT Security for 2008 Basic IT Security for 2008
• All NASA employees must complete All NASA employees must complete Basic IT Security Training annuallyBasic IT Security Training annually
• New employee orientation New employee orientation DOES NOTDOES NOT satisfy satisfy the annual requirementthe annual requirement
• Training is offered via the NASA SATERN Training is offered via the NASA SATERN Learning Management System Learning Management System (https://satern.nasa.gov) or classroom sessions (https://satern.nasa.gov) or classroom sessions at Headquartersat Headquarters
• See the "Training & Awareness" page at See the "Training & Awareness" page at http://www.hq.nasa.gov/security for completion http://www.hq.nasa.gov/security for completion deadlines, classroom training schedules, & deadlines, classroom training schedules, & more informationmore information
September 11, 2008 96
• Greg Kerr - HQ IT Security Manager Greg Kerr - HQ IT Security Manager – (202) 358-2218(202) 358-2218– [email protected] [email protected]
• Scott Oglesby – HQ IT Technical Security Scott Oglesby – HQ IT Technical Security ManagerManager– (202) 358-0654(202) 358-0654– [email protected]@nasa.gov
• Andrew Boncek - HQ IT Technical Security Andrew Boncek - HQ IT Technical Security Manager Manager – (202) 358-7218(202) 358-7218– [email protected] [email protected]
Questions?Questions?
September 11, 2008 98
Voice MailVoice Mail
• VoIP telephonesVoIP telephones
• NASA HQ Voice Messaging SystemNASA HQ Voice Messaging System
• Training available by requestTraining available by request
• Call the CTC at 358-1111 to schedule Call the CTC at 358-1111 to schedule trainingtraining
ConclusionConclusion
September 11, 2008 100
Key Points to RememberKey Points to Remember
• IT Help DeskIT Help Desk– Call Call 358-HELP358-HELP ( (43574357) ) – Send e-mail to: Send e-mail to: [email protected]@hq.nasa.gov
• Computer Training Center (CTC)Computer Training Center (CTC)– Call 358-1111Call 358-1111– Send an e-mail to [email protected] an e-mail to [email protected]– Visit http://ctc.hq.nasa.gov Visit http://ctc.hq.nasa.gov
September 11, 2008 101
Key Points to RememberKey Points to Remember
• Metrics:Metrics:– Move/Add/Change requests. The contractor Move/Add/Change requests. The contractor
has 3 days after has 3 days after NASANASA approval to approval to complete.complete.
– Problem Ticket. The contractor has 1 day to Problem Ticket. The contractor has 1 day to complete. User may declare a work complete. User may declare a work stoppage; the contractor has 30 minutes to stoppage; the contractor has 30 minutes to begin work. Costs $150+ each time. Most begin work. Costs $150+ each time. Most “Critical Uplifts” require Customer Services “Critical Uplifts” require Customer Services Branch approval.Branch approval.
September 11, 2008 102
Key Points to RememberKey Points to Remember
• Do not:Do not:– Disable software on your computer. This is Disable software on your computer. This is
an Appropriate Use violation and could result an Appropriate Use violation and could result in a $150 charge each timein a $150 charge each time
– Load (download) software or Windows Load (download) software or Windows patches:patches:• Causes a serious breach of securityCauses a serious breach of security• May result in $150 charge for a restore to service May result in $150 charge for a restore to service
September 11, 2008 103
Key Points to RememberKey Points to Remember
• IT Help Desk will:IT Help Desk will:– Try to fix your problem on the first callTry to fix your problem on the first call– May have to call you backMay have to call you back– May have to visit your workstationMay have to visit your workstation
• With you presentWith you present• Without you presentWithout you present
– If unable to help, will escalate your need to If unable to help, will escalate your need to the Customer Services Branch the Customer Services Branch
September 11, 2008 104
Internet References and Internet References and ResourcesResources
• NASA PeopleNASA Peoplehttp://nasapeople.nasa.govhttp://nasapeople.nasa.gov
• HQ Home PageHQ Home Pagehttp://www.hq.nasa.gov http://www.hq.nasa.gov
• Information Technology & Information Technology & Communications Home PageCommunications Home Pagehttp://www.hq.nasa.gov/itcd http://www.hq.nasa.gov/itcd
• IT SecurityIT Securityhttp://www.hq.nasa.gov/itcd/itsecurity/it-http://www.hq.nasa.gov/itcd/itsecurity/it-
security.htmlsecurity.html
September 11, 2008 105
Internet References and Internet References and Resources (cont.)Resources (cont.)
• Computer Training Center Home PageComputer Training Center Home Pagehttp://ctc.hq.nasa.gov http://ctc.hq.nasa.gov
• IT Security Training – SATERNIT Security Training – SATERNhttps://satern.nasa.gov/elms/learner/login.jsphttps://satern.nasa.gov/elms/learner/login.jsp
• WebTADSWebTADShttp://webtads.hq.nasa.gov/training.htmhttp://webtads.hq.nasa.gov/training.htm
• Travel ManagerTravel Managerhttps://nasatravel.ifmp.nasa.govhttps://nasatravel.ifmp.nasa.gov
• Communications Support Services CenterCommunications Support Services Centerhttp://cssc.hq.nasa.gov/http://cssc.hq.nasa.gov/
• Desktop Backup and Recovery ProgramDesktop Backup and Recovery Programhttp://www.hq.nasa.gov/itcd/desktop_backup.htmlhttp://www.hq.nasa.gov/itcd/desktop_backup.html
September 11, 2008 106
Customer Services BranchCustomer Services BranchPhone NumbersPhone Numbers
– Jeff Hall Jeff Hall 358-1229358-1229– Elaine BowmanElaine Bowman 358-1342358-1342– Joan VerbeckJoan Verbeck 358-1477358-1477– Sharon WashingtonSharon Washington 358-2155358-2155– Jeff AndersonJeff Anderson 358-1348358-1348– Mike CrnkovicMike Crnkovic 358-0617358-0617– Stanley ArtisStanley Artis 358-2032358-2032– Tom PowersTom Powers 358-1666358-1666– Mary ShouseMary Shouse 358-0625358-0625
September 11, 2008 107
Employee IT ResponsibilitiesEmployee IT Responsibilities
• Fill out Account Administration Forms (NHQ 252)Fill out Account Administration Forms (NHQ 252)• Follow the “Appropriate Use” Policy in the performance Follow the “Appropriate Use” Policy in the performance
of your dutiesof your duties• Update ENS information when it changesUpdate ENS information when it changes• Obtain annual IT security trainingObtain annual IT security training• Maintain your own Directory recordMaintain your own Directory record• Back up your hard drive (C:)Back up your hard drive (C:)• Call IT Help Desk at 358-HELP (4357) for all IT services, Call IT Help Desk at 358-HELP (4357) for all IT services,
problems, and other needsproblems, and other needs• Consult with the Customer Services Branch and/or your Consult with the Customer Services Branch and/or your
IT Point-of-Contact (POC) for questions and requirements IT Point-of-Contact (POC) for questions and requirements that cannot be handled by the Help Deskthat cannot be handled by the Help Desk
September 11, 2008 108
Next StepsNext Steps
• Fill out Account Access Request (NHQ Fill out Account Access Request (NHQ 252) form252) form
• Enter ENS information or sign ENS Enter ENS information or sign ENS waiverwaiver
• If needed, schedule VoIP, Outlook, or If needed, schedule VoIP, Outlook, or Entourage training with the CTC Entourage training with the CTC 358-1111358-1111
• Complete IT Orientation SurveyComplete IT Orientation Survey
September 11, 2008 109
NHQ 252 – Account Access NHQ 252 – Account Access RequestRequest
Thank you for your attention!Thank you for your attention!
September 11, 2008 111
AppendicesAppendices
• Data BackupData Backup
Data BackupData Backup
September 11, 2008 113
Why Back Up Your Data?Why Back Up Your Data?
• Hard Drives can failHard Drives can fail– Not common, particularly among HQ Not common, particularly among HQ
usersusers– There have been several the pastThere have been several the past
• Protect your data by backing it upProtect your data by backing it up
September 11, 2008 114
How Often Should You Back Up How Often Should You Back Up Your Data?Your Data?
• Back up your data as frequently as you cannot Back up your data as frequently as you cannot afford to do it overafford to do it over– This could be every day, or less frequently, This could be every day, or less frequently,
depending upon your work needsdepending upon your work needs• In either case, you can use your Calendar or In either case, you can use your Calendar or
Tasks to set reminders to help you stay on top Tasks to set reminders to help you stay on top of managing your mail and data backupsof managing your mail and data backups
September 11, 2008 115
What Should You Back Up?What Should You Back Up?
• Aside from your mail (PST file), you should also Aside from your mail (PST file), you should also back up:back up:– Critical work dataCritical work data– Your Entrust Profile folder, if you have oneYour Entrust Profile folder, if you have one– Templates you have created locallyTemplates you have created locally– Favorites from your Web browserFavorites from your Web browser– Any other files/folders you cannot afford to Any other files/folders you cannot afford to
loselose
September 11, 2008 116
Backing Up Your E-mailBacking Up Your E-mail
• Server Folders vs. Personal FoldersServer Folders vs. Personal Folders– Data in the Server folders is backed up on a regular Data in the Server folders is backed up on a regular
basisbasis• You have a mailbox quota of 100 MbYou have a mailbox quota of 100 Mb• You must manage the mail you store on the server You must manage the mail you store on the server
in order to stay within your quotain order to stay within your quota• This may require you to periodically move mail to This may require you to periodically move mail to
your Personal Folders, or to an Archive fileyour Personal Folders, or to an Archive file– Data in your Personal Folders is not backed up Data in your Personal Folders is not backed up
automaticallyautomatically• You must manually back it up to an appropriate You must manually back it up to an appropriate
location for long term, secure storagelocation for long term, secure storage• The appropriate locations are detailed later in this The appropriate locations are detailed later in this
presentationpresentation
September 11, 2008 117
Mailbox FoldersMailbox Folders
• Server folders are Server folders are listed under your listed under your Mailbox name, usually Mailbox name, usually at the top of the folder at the top of the folder listlist
• Personal folders are Personal folders are listed under Personal listed under Personal Folders, usually below Folders, usually below your server foldersyour server folders
Server Folders
September 11, 2008 118
Outlook Auto-archiving vs. Manual Outlook Auto-archiving vs. Manual ArchivingArchiving
• Auto-archiving - designed to be a local backup of data Auto-archiving - designed to be a local backup of data that is overwritten by new data at regular intervals that is overwritten by new data at regular intervals – The default interval is every 14 daysThe default interval is every 14 days– The defaults can be changed by using Tools, Options The defaults can be changed by using Tools, Options
in Outlookin Outlook• Should I use Auto-archive?Should I use Auto-archive?
– If you do not need to keep data older than 14 days If you do not need to keep data older than 14 days OROR
– If you rename and copy these archive files to long If you rename and copy these archive files to long term, secure storage, you can take advantage of the term, secure storage, you can take advantage of the Auto-archive feature Auto-archive feature
September 11, 2008 119
Auto-archiving vs. Manual Auto-archiving vs. Manual Archiving, ContinuedArchiving, Continued
• Manual Archiving – allows you full control over Manual Archiving – allows you full control over what, where, and when to archivewhat, where, and when to archive– If you need to keep data for longer periodsIf you need to keep data for longer periods
OROR– If you want to control file naming and If you want to control file naming and
whether the files are overwritten, you can whether the files are overwritten, you can change the Auto-archive settings to change the Auto-archive settings to manually archive your mailmanually archive your mail
September 11, 2008 120
Archiving HintsArchiving Hints
• Regardless of whether you choose to Auto-archive or Regardless of whether you choose to Auto-archive or Manually Archive your mail:Manually Archive your mail:– Do not change the default location where the Do not change the default location where the
archive.pst file is created and retrieved by Outlookarchive.pst file is created and retrieved by Outlook• If you read the file from a network location, If you read the file from a network location,
your archived mail could become corrupted! your archived mail could become corrupted! – Rename the file when you copy it to another storage Rename the file when you copy it to another storage
locationlocationOROR
– Label/date the media if you back up to CD-ROM or Label/date the media if you back up to CD-ROM or DVD/R, so that you can easily locate the file you needDVD/R, so that you can easily locate the file you need
September 11, 2008 121
Backing Up Your PST FileBacking Up Your PST File
• Your PST file in Outlook/Entourage is where the Your PST file in Outlook/Entourage is where the mail in your Personal Folders is storedmail in your Personal Folders is stored
• File is typically too large to fit on a standard File is typically too large to fit on a standard issue flash drive (256 Mb)issue flash drive (256 Mb)– You may request a larger capacity flash You may request a larger capacity flash
drive (2 or 4 Gb); see your IT POC to request drive (2 or 4 Gb); see your IT POC to request oneone
– You may burn the file to a CD-ROM or a You may burn the file to a CD-ROM or a DVD/R (if you have a DVD burner on your DVD/R (if you have a DVD burner on your system)system)
– You may save it to your User folder on the You may save it to your User folder on the Network (T: drive)Network (T: drive)
September 11, 2008 122
Backing Up Your DataBacking Up Your Data
• Where can you store your data?Where can you store your data?– Flash driveFlash drive– CD-ROMCD-ROM– Hard driveHard drive– Network foldersNetwork folders
September 11, 2008 123
Where Can You Store Your Data?Where Can You Store Your Data?
• Flash drivesFlash drives– Temporary storage used for data transferTemporary storage used for data transfer
• CD-ROMsCD-ROMs– Longer term storage or for data transferLonger term storage or for data transfer
• Local Hard driveLocal Hard drive– Long term storageLong term storage
• Network foldersNetwork folders– Long term storage, data transfer between users, or Long term storage, data transfer between users, or
for data transfer between computer systems for data transfer between computer systems
September 11, 2008 124
Flash Drives – Pros & ConsFlash Drives – Pros & Cons
• Pros:Pros:– Fast, fairly high capacity (256 Mb standard; 2 – 4 Gb Fast, fairly high capacity (256 Mb standard; 2 – 4 Gb
available), durable, and compactavailable), durable, and compact– Ideal for transporting data from one physical location Ideal for transporting data from one physical location
to anotherto another– Nearly universal availability of USB support means Nearly universal availability of USB support means
they can be used almost anywherethey can be used almost anywhere
• Cons:Cons:– Volatile; can sustain only a limited number of Volatile; can sustain only a limited number of
write/erase cycles before failurewrite/erase cycles before failure– Can be damaged by misuse; typically occurs through Can be damaged by misuse; typically occurs through
repeated incorrect removal of device, causing loose repeated incorrect removal of device, causing loose circuit connectionscircuit connections
September 11, 2008 125
CD-ROM or DVD/R Pros & ConsCD-ROM or DVD/R Pros & Cons
• Pros:Pros:– Higher capacity than flash drives – standard Higher capacity than flash drives – standard
CD-ROM holds 650 or 700 Mb of dataCD-ROM holds 650 or 700 Mb of data– Single layer DVD/R can store 4.7 Gb, which Single layer DVD/R can store 4.7 Gb, which
is around 7 times as much as a standard CD-is around 7 times as much as a standard CD-ROMROM
– Relatively easy to useRelatively easy to use– Less volatile storage mediumLess volatile storage medium
• Cons:Cons:– Must be handled and stored carefully to Must be handled and stored carefully to
prevent damage to the media itselfprevent damage to the media itself
September 11, 2008 126
Hard Drive – Pros & ConsHard Drive – Pros & Cons
• Pros:Pros:– Less volatileLess volatile– High capacityHigh capacity– Easy to useEasy to use– Easy to organize/transfer data to and from different Easy to organize/transfer data to and from different
foldersfolders• Cons:Cons:
– Not automatically backed upNot automatically backed up– Not as easy to transfer data to other computer Not as easy to transfer data to other computer
systemssystems
September 11, 2008 127
Changing Your Default Save As… Changing Your Default Save As… Locations for the Office SuiteLocations for the Office Suite
• On a PC:On a PC:– In Excel and PowerPoint, go to Tools, Options, SaveIn Excel and PowerPoint, go to Tools, Options, Save– In Word, go to Tools, Options, File LocationsIn Word, go to Tools, Options, File Locations– In Access, go to Tools, Options, GeneralIn Access, go to Tools, Options, General
• On a Macintosh:On a Macintosh:– In Excel, go to Excel, Preferences, GeneralIn Excel, go to Excel, Preferences, General– In PowerPoint, go to PowerPoint, Preferences, In PowerPoint, go to PowerPoint, Preferences,
AdvancedAdvanced– In Word, go to Word, Preferences, File LocationsIn Word, go to Word, Preferences, File Locations
September 11, 2008 128
Network Folders – Pros & ConsNetwork Folders – Pros & Cons
• Pros:Pros:– Least volatile due to built in redundanciesLeast volatile due to built in redundancies– Automatically backed up on a regular Automatically backed up on a regular
scheduleschedule– Easy to transfer data between users or Easy to transfer data between users or
between systemsbetween systems• Cons:Cons:
– Requires authentication to the networkRequires authentication to the network– Your home system may require special setup Your home system may require special setup
or special instructions to access the network or special instructions to access the network remotelyremotely
September 11, 2008 129
Network FoldersNetwork FoldersLevel of Access Location Examples Description
User-SpecificUser-Specific \Users \Users (T: drive)(T: drive)
\Users\jdoe\Users\jdoe\Users\jhersche\Users\jhersche\Users\jsmith3\Users\jsmith3
Access to files and folders restricted to Access to files and folders restricted to the individual who owns the the individual who owns the account.account.
Sub-OfficeSub-Office Second LevelSecond Level of of Mission Mission Directorate/ Directorate/ Support Support Office Office Directory Directory (U: drive)(U: drive)
Office of External Relations = \SC\EROffice of External Relations = \SC\EROffice of Procurement = \IM\PROffice of Procurement = \IM\PROffice of Human Capital Management = \IM\HCMOffice of Human Capital Management = \IM\HCM((Note:Note: not all Mission Directorates or Mission Support not all Mission Directorates or Mission Support
Offices are organized this way. Only those that Offices are organized this way. Only those that merged two or more former Codes will have this level merged two or more former Codes will have this level of access)of access)
Access to files and folders restricted to Access to files and folders restricted to the sub-office of each Mission the sub-office of each Mission Directorate or Mission Support Directorate or Mission Support Office. Files and folders created at Office. Files and folders created at that level are not accessible by that level are not accessible by Mission Directorate or Mission Mission Directorate or Mission Support staff in the other sub-Support staff in the other sub-offices.offices.
Mission Mission Directorate/ Directorate/ Support Support OfficeOffice
Top-LevelTop-Level of of Mission Mission Directorate/ Directorate/ Support Support Office Office DirectoryDirectory
\IM (Institutions and Management)\IM (Institutions and Management)\SC (Strategic Communications)\SC (Strategic Communications)\ESMD (Exploration Systems Mission Directorate)\ESMD (Exploration Systems Mission Directorate)\SMD (Science Mission Directorate)\SMD (Science Mission Directorate)
Access available by all staff in the Mission Access available by all staff in the Mission Directorate or Mission Support Directorate or Mission Support Offices. Files and folders that need Offices. Files and folders that need to be shared across the Directorate to be shared across the Directorate or Mission Support Office should be or Mission Support Office should be saved here.saved here.
Multi-OfficeMulti-Office \hq_groups\hq_groups (W: drive) (W: drive)
\hq_groups\Budget Team\hq_groups\Budget Team\hq_groups\HQISO9000\hq_groups\HQISO9000
Access available by request using the Access available by request using the NHQ 224 form. Folders created here NHQ 224 form. Folders created here are for sharing data with specific are for sharing data with specific teams created from multiple teams created from multiple Mission Directorate and Mission Mission Directorate and Mission Support Offices.Support Offices.
HQ-WideHQ-Wide \hq_shared \hq_shared (X: drive)(X: drive)
\hq_shared\From Bill to Jane\hq_shared\From Bill to Jane\hq_shared\jennyK\hq_shared\jennyK
Files and folders created here are Files and folders created here are accessible to all staff and accessible to all staff and contractors at NASA HQ. This is a contractors at NASA HQ. This is a temporary storage facility only. temporary storage facility only. Data older than 60 days are purged Data older than 60 days are purged to conserve data space.to conserve data space.
September 11, 2008 130
Top-Level Network Folder Top-Level Network Folder StructureStructure
September 11, 2008 131
Hints for Managing Your DataHints for Managing Your Data
• Create a task with reminder or a calendar Create a task with reminder or a calendar event with reminder to archive your mail and event with reminder to archive your mail and back up your databack up your data
• Change your default Save As… location in the Change your default Save As… location in the Office Suite to point to your User folder on the Office Suite to point to your User folder on the NetworkNetwork
• Keep a minimal amount of data locally and Keep a minimal amount of data locally and back it up on a regular schedule back it up on a regular schedule