Fermilab Today Tuesday, May 26, 2009
Search
Calendar

Have a safe day!

Tuesday, May 26
Noon
Summer Lecture Series - Curia II
Speaker: David Ritchie, Fermilab
Title: Computing at Fermilab
3:30 p.m
DIRECTOR'S COFFEE BREAK - 2nd Flr X-Over
THERE WILL BE NO ACCELERATOR AND PHYSICS TECHNOLOGY SEMINAR TODAY

Wednesday, May 27
3:30 p.m.
DIRECTOR'S COFFEE BREAK - 2nd Flr X-Over
4 p.m.
Fermilab Colloquium - One West
Speaker: Tim Meyer, TRIUMF
Title: Being Relevant in Tough Times: TRIUMF's Five-Year Plan

Click here for NALCAL,
a weekly calendar with links to additional information.

Weather

WeatherCloudy
74°/55°

Extended Forecast
Weather at Fermilab

Current Security Status

Secon Level 3

Wilson Hall Cafe

Tuesday, May 26
- Tomato bisque
- Lemon pepper club
- Beef fajitas
- Korean garlic chicken
- Grilled chicken caesar wrap
- Assorted sliced pizza
- Rio Grande taco salad

Wilson Hall Cafe Menu

Chez Leon

Wednesday, May 27
Lunch
- BBQ ribs
- Baked beans
- Cole slaw
- Black bottom banana cream pie

Thursday, May 28
- Closed

Chez Leon Menu
Call x3524 to make your reservation.

Archives

Fermilab Today
Result of the Week
Safety Tip of the Week
ILC NewsLine

Info

Fermilab Today
is online at:
www.fnal.gov/today/

Send comments and suggestions to:
today@fnal.gov

Visit the Fermilab
home page

From the Computing Division

Tune IT up

Today's column is written by Vicky White, acting chief information officer.

Vicky White

Many people at Fermilab are diligent about managing their desktops or laptops. They keep them up to date with patches and incorporate them into one of the laboratory's inventory and patching systems (as Windows, Mac or Linux users). However, we are only as strong against penetration by malicious adversaries as our weakest link.

Last week auditors from DOE who were checking out our computer security controls and our compliance with our own computer security policies found some of those weak links. They were able to gain access to a number of systems they could not have entered had we been fully conforming to our published security "baselines," fully implementing password complexity guidelines and more carefully monitoring alerts, such as antivirus-scan warnings.

It's time for a tune-up!

Today we launch a campaign to tune up our Information Technology (IT) to fully comply with our published security baselines and policies. We do this not only to comply with the audit requirements but to strengthen computing at Fermilab to support our physics mission.

In the coming months every desktop and laptop owned by Fermilab will receive either a physical or virtual visit from a trained system administrator who will check it for full compliance with required baseline configurations. Those who do not need administrative privileges to carry out their job functions will no longer have such privileges. Those who do will maintain administrative privileges and will be retrained in how to ensure that their systems meet requirements. We will incorporate every machine into the automated inventory and patching systems provided for Windows, Linux and Mac systems. We will remove from the network desktops and laptops that are not running an approved OS with a published security baseline. We will take out of service desktops and laptops that are too old to be updated or are running systems that cannot be brought up to standards; or we will fully document the need to run them and put in place compensatory controls, such as isolating them in their own network segment.

Let me be frank. This process is likely to be rather painful for some who are accustomed to having full control of their computers. It will considerably increase the number of Service Desk tickets, so we will increase the number of ticket responders. We will also add staff to carry out other aspects of our campaign.

The pain will be worth it. We will be safer and better off after this campaign. We may even find that it is less work to manage the many IT systems we have.

Photos of the Day

Asian Pacific American Heritage celebration 2009

To honor Asian/Pacific American Heritage month, Fermilab's Diversity Council hosted a series of cultural dances May 15 in Ramsey Auditorium.

Professionally trained dancers of the Xilin Chinese Academy in Naperville perform a Chinese classical dance in Ramsey Auditorium.

See more images

Press Release

Cosmology's best standard candle gets even better

From Lawrence Berkeley National Laboratory, May 21, 2009

Members of the international Nearby Supernova Factory (SNfactory), a collaboration among the U.S. Department of Energy's Lawrence Berkeley National Laboratory, a consortium of French laboratories, and Yale University, have found a new technique that establishes the intrinsic brightness of Type Ia supernovae more accurately than ever before. These exploding stars are the best standard candles for measuring cosmic distances, the tools that made the discovery of dark energy possible. SNfactory member Stephen Bailey, formerly at Berkeley Lab and now at the Laboratory of Nuclear and High-Energy Physics (LPNHE) in Paris, France, searched the spectra of 58 Type Ia supernovae in the SNfactory's dataset and found a key spectroscopic ratio. Simply by measuring the ratio of the flux (visible power, or brightness) between two specific regions in the spectrum of a Type Ia supernova taken on a single night, that supernova's distance can be determined to better than 6 percent uncertainty.

The new brightness-ratio correction appears to hold no matter what the supernova's age or metallicity (mix of elements), its type of host galaxy, or how much it has been dimmed by intervening dust.

Read more

Director's Corner

Tune IT up

Pier Oddone

A Department of Energy cybersecurity audit last week found very serious shortcomings in how we are managing our computers at Fermilab. Among other problems, the review team found unlocked doors leading to open computers on employees' desks, easy access to system administrators' accounts, passwords openly displayed and failure to respond quickly to virus alerts. Overall, we received a cybersecurity grade of "marginal."

The world-class science at our laboratory requires world-class management of our computing resources. Moreover, we must do this within the context of the cybersecurity requirements of the federal government, including DOE, which provides those resources. As the audit showed us, addressing these findings will require a culture change at Fermilab. At a laboratory where we value creative thinking and individual points of view, we are accustomed to great personal latitude in the way we manage our computers. The realities of today's cybersecurity environment mean that we will have to give up some of that individual latitude for the sake of the safety and efficiency of scientific operations.

I have directed Vicky White, Fermilab's chief information officer, to take whatever steps are necessary to address the findings in this audit and to bring Fermilab cybersecurity up to the same standard of excellence we require for every other area of laboratory operations. With my full support, she will lead a campaign, "Tune IT Up," that will involve every Fermilab employee and user in making changes to the way we manage computers. We will need to move quickly. Just like safety, cybersecurity is the responsibility of every person at the laboratory. Line managers are responsible for understanding and enforcing policies on computer security. System administrators must follow the requirements for configuration of the machines under their control. Each user is responsible for understanding and following the Fermilab Policy on Computing. Employees with higher levels of responsibility, for example those handling privacy information, must exercise a higher level of care handling the information under their control.

The Tune IT Up campaign will not be an exercise in assigning blame for past problems but a lab-wide effort to bring management of IT and cybersecurity standards at Fermilab to the level where they should be. A dedicated Web site will track progress, provide resources, and answer your questions. As a laboratory, we have repeatedly shown that we can meet very significant challenges when we all pull together. I am confident that we will meet this one as well.

Accelerator Update

May 20-22
- Two stores provided ~7.25 hours of luminosity
- MI-42 quadrupole magnet replaced

Read the Current Accelerator Update
Read the Early Bird Report
View the Tevatron Luminosity Charts

Announcements

Latest Announcements

New URA Email Address

Pool membership drive has begun

NALWO - Brown Bag Lunch - Chinese Pottery - today

Are you Fit to a T? - May 27

Users Office closed and May 27

Film Society looking for new members

Argentine Tango classes through June 24

Nanotechnology Lecture: Crafting of Self-Assembling Materials for Medicine & Energy - Fermilab Lecture Series - May 29

Microsoft Office 2007 help at the Library

Science Adventures for children

Discounted Rates at Grand Geneva Resort, Lake Geneva, WI

Summer co-ed volleyball league begins June 1

Registration for Users' Meeting is open

Conflict Management and Negotiation Skills class - June 3 and 10

Discount tickets to "1964"...Beatles tribute - June 6

Susan Werner - singer/songwriter performs on Arts Series

SciTech summer camps

Recreation Department announces Club & League Fair drawing winners

Process piping (ASME B31.3) class offered in October

Concerned about H1N1? Ask a question

 
Additional Activities


Submit an announcement

Fermi National Accelerator - Office of Science / U.S. Department of Energy | Managed by Fermi Research Alliance, LLC.
 
Security, Privacy, Legal  |  Use of Cookies