CISL Annual Report banner  
   
NCAR Annual Report  >  CISL Annual Report Contents  >  Cyberinfrastructure
advanced  

Cybersecurity

UCAR manages and maintains a large and diverse set of compute, data, data storage, email, web, and network servers that form the core information technology within the institution. Not only are these systems valuable monetarily, they comprise vital scientific research tools and business continuation systems used by the UCAR organization and university communities. To pursue the scientific mission of the organization in an unobstructed manner, CISL is committed to maintaining a security posture that represents an enterprise to the community and adheres to NSF security best practices and recommendations.

Providing secure information technology systems within CISL and across UCAR supports the NCAR strategic priority of "Developing and providing advanced services and tools." It is vital to the organization that we protect systems, data, and intellectual property at the highest level where usability and security stay in balance. This work is supported by UCAR communications Pool indirect funds.

During FY 2006, items noteworthy to the continued security of the IT systems at UCAR include:

  • Coordinated consistent security policies and procedures across UCAR by the Computer Security Advisory Committee (CSAC), with a goal of achieving the appropriate balance between reasonable protection and pursuit of the scientific mission of the institution
  • Staff participated in the community-wide, NSF-sponsored Cybersecurity Summit 2005 held in December 2005
  • Initiated a redesign of the UCAR-wide token authentication service
  • Placed increased importance on computer and network security when acquiring and configuring new equipment (computers, storage, network routers, etc.)
  • Coordinated UCAR-wide system administrator security training

To maintain a meaningful security posture and to fulfill the near-term security objectives of CISL, the following plans for FY 2007 are in place:

  • Produce a UCAR/NCAR Cybersecurity Strategic Plan for 2007-2012
  • Perform in a leadership role at the NSF-sponsored Cybersecurity Summit 2007
  • Complete implementation of one-time password (OTP) technology across UCAR
  • Upgrade our aggressive network and host monitoring tools; augment current intrusion detection system (IDS) software
  • Engage in collaborative efforts with peer and TeraGrid centers to share cybersecurity information, best practices, and incident notification
  • Optimize our central logging system to incorporate all of UCAR
Director's Message | Discoveries | Table of Contents | CISL Research Catalog