|Feynman Computing Center is home to Fermilab’s computer security systems and personnel. Photo: Reidar Hahn|
With some recent reorganization and the addition of a new member, this is an appropriate time to remind people of the function the Computer Security Team serves and the methods by which you might interact with them.
Fermilab’s chief information security officer is Irwin Gaines. Reporting to him are two groups dealing with Compliance, Audits and Oversight (CAO) and Collaborative Security Research (CSR). CAO is led by Joe Klemencic, who is also the lab information security system officer (ISSO), while CSR is led by Mine Altunay, who is also the open science grid security officer. Members of the security team are Wayne Baisley, Ron Cudzewicz, Art Lee, Tim Rupp and Greg Cisko, who has recently joined the team.
These eight individuals cannot by themselves ensure the multitude of lab computing systems are operated securely. Rather, this group provides expertise, advice and oversight to help all lab computer users keep security in their minds and to avoid risky configurations or practices. This is similar to the manner in which the ES&H section interacts with all lab employees to provide a safe working environment.
The team does operate some services connected with its oversight role. This includes running scanners to detect vulnerable systems, collecting large amounts of data describing happenings on our networks and in our computers, dealing with security incidents and working with other groups in the computing sector to block unsecure systems from using our network. The team also works with system and service owners on risk assessments and security plans for their systems.
How do you interact with the security team? The preferred method is to open a service desk ticket requesting, for example, permission to run a Web server that will be visible from off site. Someone from the security team will contact you to handle your request. Non-urgent security incidents can be reported to firstname.lastname@example.org, but this address should not be used except for incident reporting. Other questions about computer security or lab policies and practices can be directed to email@example.com. You interact with members of the team when you take any of the required security training classes and through the change management process when new systems or applications are brought online and examined for any potential new and different security risks and vulnerabilities.