Voir en


Computer Security: Go clever! Go central!


In times of scarce resources, time pressure, and the increasing complexity of running software applications, why not follow the herd and go clever? It just doesn’t make any sense any more to reinvent the wheel and then just stand back. Running your own computing hardware, installation stack, (web) applications, databases, etc., is just not cost effective and usually you won’t be able to commit the required attention to keeping those systems sufficiently secure. Just recently, CERN "lost" two locally managed "Jenkins" instances because they were not kept up to date (see our Monthly Report for details). So, wouldn’t it be better to concentrate on the real job and delegate non-core responsibilities to CERN's professionals?

The CERN IT department provides you with a vast catalogue of centrally managed computing facilities, starting with hardware platforms to run your favourite operating system ("Openstack") or application (e.g. "Apache", "Grafana", "Jenkins", "Nexus", .NET/Perl/PHP/Python/Ruby or "Rundeck" on "Openshift"). They also allow you to choose from a variety of centrally supported software applications for Windows ("CMF"), Linux ("Linuxsoft") and Mac ("Mac Self-Service"). This includes dedicated and sophisticated software packages for engineering, mathematics and mechanical design. If you require your own database ("Database-on-Demand") or need to store vast amounts of data ("EOS"; "CERNbox") central professional IT services are there to help. And if you are running your own local computer cluster, CERN IT would be happy to discuss with you how to integrate your needs into the services provided by CERN's central computing centre.

This approach may not always provide a 100% match but, if you can compromise, it’s a great way not only to reduce the time you spend maintaining layer upon layer of computing hardware and software, but also to relieve you from the need to check for new updates and worry about patches, and to avoid the hassle of implementing all necessary features in order to keep your application well protected and secured. So, take a look at CERN IT’s full list of central computing services and/or join the next IT User’s Meeting for the most recent news and deployments available to you. And if you need help, you can always contact the CERN IT Consultants to get an opinion on how best to cover your needs with CERN IT solutions.

And the IT department is not the only central entity providing you with professional IT services for free. The Business Computing group in the FAP department provides you with all the financial and HR applications you could possibly need. As does the EP-SFT group for physics computing, simulations and data analysis. And the CO and ICS groups of the BE department, which can provide you with all the necessary control system software you need to run your accelerator or experiment at CERN. Thanks to all of these, you can obtain professionally managed and well secured software, applications and computing services for free, instead of losing time through reinventing the wheel.

Last but not least, we’d also like to say a big thank you to another central service, the CERN Translation and Minutes Service, to whom we are grateful for the English proof-reading and translation into French of all our Computer Security Bulletin articles!


Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.