Skip Navigation Links

Information Office Program

Michael J. Liszewski

Michael J. Liszewski
Information Office Program Manager
Phone: 928.556.7458
E-mail: mjliszew@usgs.gov

Detailed Biography

Security

Computer security consumes more and more of the available SAP resources with each year in terms of budget and manpower. Vulnerabilities allowing remote access by unauthorized individuals are discovered almost daily. In addition, computer viruses are released on the Internet at large just as frequently. During the last year alone there have been over 7000 attempted hacks on GCMRC computer systems. Largely due to the diligence of the SAP in maintaining a secure computing environment, none of these hacks have been successful.

Computer security begins with a firewall located at the U.S. Geological Survey’s portal to the Internet via the GEOnet network at Menlo Park. Secondly and more specifically a dual firewall exists at the Flagstaff Field Center campus. The first firewall restricts enterprise level intrusion attempts while allowing the public access to our publicly available web, database and FTP servers. The second firewall restricts external access to our internal network.

To maintain the integrity of our desktop computing environment, we employ three software programs. Microsoft Systems Update Server (SUS), Microsoft Systems Management Server (SMS) and Symantec Anti-Virus Corporate Edition (AV-CE). Microsoft Operating systems (OS) are updated to minimize vulnerabilities using SUS. SUS automates a central delivery system for patch management. This system downloads nightly all OS fixes released by the manufacture. This is then reviewed by the systems administration staff. Applicable patches are flagged for release and pushed to GCMRC computers. Computers are scheduled to retrieve updates from the SUS server each night.

All other application products, including the office suite are patched for vulnerabilities using SMS. SMS works similarly to SUS with one major exception, patches must be downloaded and a package built to be delivered to the desktops. SMS delivers the package to the desktops on an as required basis.

AV-CE virus updates are downloaded from the web to the AV-CE server as released and pushed to all systems the same night. The AV-CE server allows for central management of anti-virus information and tracking of virus infections that are introduced. Centrally managing the anti-virus software and updates insures protection is enabled on the desktops and standards are followed for scanning introduced files.