The Office of Inspector General performed an assessment of the management and control of authentication tokens at NASA Headquarters. The purpose of these tokens, which are used by authorized employees to remotely access Headquarters information technology networks and operating systems, is to enhance information technology security by strongly authenticating user identify before granting employees access to Headquarters computer systems. We made twelve recommendations for specific improvements. NASA management concurred with all twelve recommendations.

This report contains information that may not be releasable to the general public.