From Fermilab Today, December 7, 2009
Contractors working with the Tune IT Up team have visited more than 1,500 desktop and laptop computers as part of their ongoing physical inventory.
The information they gather is used to maintain and update the databases we use to help manage our computer systems efficiently, effectively and securely. The gathering process has been vetted against laboratory security and privacy policies.
The contractors can find some of the information they are collecting, such as your computer's property number and location, without logging on to your machine. But they must be logged in to check if it has the inventory software needed to collect information Fermilab requires about your computer.
Most computers at the laboratory already have the necessary inventory software installed, either through the Windows Fermi domain or by a system administrator.
If the contractors need to install software, they will require the assistance of someone with administrative privileges to log onto your computer. If no administrator is present, they will do the rest of the inventory and schedule a follow-up visit.
The inventory software runs once a day to collect the following information:
How is the hardware on your system such as the processor, hard drive and memory configured?
What are the vendor and version of your operating system?
What software is installed on your system?
What are the names, locations and sizes of the files saved on your computer? (Note: The software does not inspect or record the contents of those files.)
We collect information about file names and locations to help respond effectively to security incidents. Malicious programs and their data can be saved in any location on a hard drive, so information is collected for all files. All the inventory data is stored in a database accessible only to certain authorized employees, such as some system administrators and computer security personnel.
It is very important for Fermilab's good management and security that we collect this information. Please work with the contractors to allow them to complete the inventory of your machine. Make sure to verify the contractors' identities before allowing them access to your machine by checking their Fermi ID badges. You can also look up their photos here or call the Service Desk at x2345. Remember that you should never give your password to anyone, including your system administrator and the contractors.
— Mark Kaletka, Computing Division