Cybersecurity enhancement
UCAR manages and maintains a large and diverse set of compute, data, data storage, email, web, and network servers that form the core information technology within the institution. Not only are these systems valuable monetarily, they comprise vital scientific research tools and business continuation systems used by the UCAR organization and university communities. To pursue the scientific mission of the organization in an unobstructed manner, CISL is committed to maintaining a security posture that represents an enterprise to the community and adheres to NSF security best practices and recommendations.
Providing secure information technology systems within CISL and across UCAR supports the NCAR strategic priority of "Developing and providing advanced services and tools." It is vital to the organization that we protect systems, data, and intellectual property at the highest level possible that keeps usability and security in balance.
During FY2008, these factors are vital to the continued security of IT systems at UCAR:
- Coordinated consistent security policies and procedures across UCAR by the Computer Security Advisory Committee (CSAC), with the goal of achieving the appropriate balance between reasonable protection and pursuit of the scientific mission of the institution
- Staff participation in the community-wide, NSF-sponsored Cybersecurity Summit 2008 held in May 2008 (NCAR hosted a breakout session in this year's summit)
- Initiating a redesign of the UCAR-wide token authentication service moving critical services to use One Time Password Tokens
- Placing increased importance on computer and network security when acquiring and configuring new equipment (computers, storage, network routers, etc.)
- Coordinated and presented security training for system administrators throughout UCAR
To maintain a meaningful security posture and to fulfill the near-term security objectives of CISL, the following plans for FY2009 are in place:
- Produce a UCAR/NCAR Cybersecurity Strategic Plan for 2009-2012
- Perform in a leadership role at the NSF-sponsored Cybersecurity Summit 2009
- Complete implementation of one-time password (OTP) technology across UCAR including the new gateway to bluefire
- Enhance our aggressive network and host monitoring tools to support increased traffic loads and provide redundancy by taking advantage of our other campuses
- Engage in collaborative efforts with peer and TeraGrid centers to share cybersecurity information, best practices, and incident notification
- Optimize our central logging system to incorporate all of UCAR
Cybersecurity at NCAR is supported by a combination of NSF Core funding and UCAR Communications Pool indirect funds.