• NCAR Annual Report
• CISL report
• EOL report
• ESSL report
• RAL report
• SERE report

Security training for UCAR system administrators

In 2006, the UCAR Computer Security Advisory Committee (CSAC) approved policy 20060104-01 requiring all system administrators and other UCAR staff responsible for computer security to participate in eight hours of relevant training each year. To keep the training costs manageable for divisions and programs, CSAC decided to develop much of that training in-house, although administrators were encouraged to seek training in other venues as appropriate.

This work supports NCAR's strategic priority of "Developing and providing advanced services and tools." Developing and maintaining appropriate cyberinfrastructure security enables all of UCAR's organizational units in "Maintaining an innovative and creative workplace."

In FY2007, five two-hour security training sessions were developed by a former UCAR CSAC member to train UCAR system administrators in rigorously maintaining UCAR cyberinfrastructure at the appropriate security levels. In January 2007, CSAC decided to offer five two-hour training sessions, and eligible UCAR staff could meet their training requirements by attending the prerequisite Security Essentials course plus three of the following four sessions: Securing Unix/Linux, Securing Services, Securing Windows, and Securing MacOsX.

The course developer/trainer formed a security advisory group of several UCAR system administrators to guide the content of the training modules. He also conducted a survey of potential participants that illuminated the need for the MacOsX module.

Two training sessions were delivered in FY2007. The remaining three will be delivered in early FY2008. Training sessions will be updated and repeated as needed under the guidance of CSAC and the security advisory group.

This ongoing training series is supported by UCAR Communications Pool indirect funds.