Voir en

français

Computer Security: Time for a spring clean

Computer security blog
(Image: CERN)

Spring is coming up fast and, in a deeply rooted tradition for house husbands and housewives, the time has come for a spring clean. Thoroughly cleaning the rooms, repainting some walls, fixing broken tiles, pimping up and beautifying your property, getting rid of unused clothes (or those which changed size and do not fit anymore), throwing out things that are just accumulating dust. And, while you’re at it, why not also take a look at your digital belongings, in particular those hosted by CERN?

Digital resources deserve some housekeeping too. A clean-up. Some fixing. Or to be thrown away, purged and deleted. For good. Experience has shown that creating/spawning digital resources is easy and usually comes with a need. The incentive to create is a given. But once a device, virtual machine, container, website, program or application is deployed and up and running, the incentive to maintain it diminishes. If the resource does its job, why bother? In many cases, the resources are sitting around idle, still consuming power and CPU cycles, blocking disk space, eating network bandwidth and posing a growing computer security risk. The most recent vulnerability (“log4shell”) has once more demonstrated the problem: when we asked people to fix that vulnerability in certain “Openshift containers”, and there were dozens, about 50% of the owners replied by saying “I don’t need that anymore and deleted it”. 50%. 50% of resources idle …

Thus, spring has arrived and we would like to encourage you to use your freshly gained energy to review your digital resources. Help us to save energy, licence costs, disk space and CPU cycles, and help us to reduce CERN’s exposure to cyberthreats and its consequential attack surface. Please go through the following list and ensure that your resources are up to date and fully patched (see our Bulletin article on “Beauty under the hood”), or just purge resources that are no longer needed:

If you have worked through the list until here, well done and thanks a lot! This is deeply appreciated for the sake of reducing CERN’s environmental impact and computer security attack surface. Thank you for your spring-cleaning efforts!

_____

Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.