Blog

This week, the final version of the new DOE Cybersecurity Directive entered Revcom for concurrence. Berkeley Lab strongly supports the new direction provided by the Directive, and its renewed focus on balanced risk management, a mission-centric view of risk, and the role of the Contractor Assurance System in providing reasonable assurance to the Department of Energy that the Laboratory is operating an effective, efficient, responsive, and balanced cyber security program.

In 2011, we'll be working on refining and improving our contractor assurance mechanisms to reflect these changes. We'll also be beginning our new "System Authorization" process which will be grounded in the values instantiated in the new Order, and in the Office of Science's new Risk Management Approach Implementation Plan.

As always, we'll be focusing on ensuring that Science and Operations are appropriately protected, that decisions about protections are weighed with risks to the conduct of research and the culture of the laboratory, and that individuals closest to the work take responsibility for understanding and protecting their information and systems.

We believe that the changes in the Directive will result in more effective cyber security efforts at Berkeley Lab and across the Department, as we focus our resources on the most serious risks to our operations and the Department focuses its resources in a similar manner.

We'll be keeping you updated on our progress throughout the year.

Laptop Statistics

Berkeley Lab operates a flexible IT environment where investigator autonomy to choose the right tools for their work is encouraged and supported.  This stands in contrast to the approaches of many of our sister Laboratories and most government agencies, but is consistent with how large Tier 1 research Universities typically structure their approach.  We believe that the small reduction in efficiencies is more than offset by the flexibility this approach this provides, the attendant productivity improvements, and the reduction in resources required for central planning (which often fails to accurately predict demand and fails to keep up with changing requirements and preferences).  Fundamentally, IT is not an interchangeable commodity at a research institution, it's a key part of the way researchers work.  So... how are people choosing to work at LBL?

The chart below shows laptop acquisitions month by Month for 2005-2009 YTD. 

Here are some observations:

Overall in FY2009, the lab acquired 378 Apple Laptops and 425 non-Apple Laptops.  We assume the vast majority of these non-Apple laptops were purchased with Windows.  Dell is the largest contributor to the Windows side, with Lenovo in second place.  Apple was 47% of the acquired laptops, non-Apple (which I will now call Windows), was 53%.  However, we believe that a large fraction of the Apple users also run Windows (usually using Parallels) so this is not necessarily a reflection of installed base.

These overall numbers are interesting, but they only tell part of the story.  When we remove Operations from the mix (IT, CFO, HR, PA, EHS, FA, and Ops Directorate), we get a neat reversal of the stats.

Science Divisions acquired 319 Apple Laptops in FY09, vs 290 windows laptops.  52.3% Apple.

Ops acquired 59 Apple Laptops vs 135 Windows Laptops.

The trends towards research divisions acquiring a slight majority of Apple systems began in CY2008.  Overall, Research divisions have doubled their acquisition of Apple systems over four years, while Windows systems acquired have increased by closer to 50%. 

And our useless stat award of the week goes to NERSC division for its complete laptop homogeneity in FY2009 - 19 apple laptops and zero windows.

Data note: IC (really IT Division) also reflects data on systems acquired for, but not yet distributed to supported operations divisions plus the Lab directorate).

Laptops Acquisition for the Whole Lab:

Laptop acquisition for Science Divisions only: 

laptops05-09-byplatform-bydivision.xls

Loading