CMC Minutes July 13, 2015
CMC Meeting Minutes for 13 July 2015
Should happen at September meeting. Need to elect new Chair, Vice Chair and Rendezvous Chair
Will also need to find three volunteers at the September meeting to be on the Rendezvous committee in addition to the chair.
The CIRES picnic:
Was voted to use the CIRES picnic as a replacement for the August CMC meeting.
If possible please wear your CMC shirt to increase visibility
By-Laws update: CMC “Membership Chairperson”
Barry, Doug and Rick have been working on amending the CMC by-laws, which will be presented more in full at a later meeting.
One likely component is the creation of a “Membership Chairperson” position who would be responsible for keeping track of CMC representation from different division and trying to recruit as needed.
Currently this is envisioned as a 2-year volunteer position (as opposed to an elected position)
Would liaise with the CIRES personnel director (currently Paula Robinson)
Other potential tasks include:
Create CMC pamphlet/booklet to give to potential representatives about who we are and what we do.
Be cc’ed on and keep track of communications from the different CIRES divisions to help new people understand the role of CMC.
For more info see slides presented at the meeting by Rick. (Rick, can you send those around?)
This will be discussed again at the September meeting. Any comments or suggestions please either send them to Rick.
Meeting with CIRES admin to discuss Rendezvous
Had a good meeting with Kristin to cover some of the rougher parts of Rendezvous
The student poster contest will likely happen in the future but the posters will not be separated from non-student posters in the same division.
Waleed’s presentation: Probably need to appoint someone from the Rendezvous committee to communicate with Waleed on this and provide guidance as needed. The larger CMC can (and should) also provide additional direction on topics people would like to hear about and for how long
The CMC email list
Many of us are receiving “digest-style” emails, Nate will change everyone’s account so we all receive emails as they come instead
OPM Security Breach Discussion
The second recent OPM security breach compromised personally identifiable information from, likely, anyone who has applied for access to the NOAA building since the year 2000.
There is currently confusion among employees as to whether CIRES contractors were compromised.
If a current or former CIRES employee filled out the SF85 form for a background check they are likely included in this breach. The form requests addresses for 5 years prior and personal references.
This does not affect temporary visitors who are cleared with homeland security and are only asked for their full name and country of citizenship.
CMC would like to see CIRES admin address this with a CIRES-wide email covering the breach and what it means for our employees.
Rick will draw up an initial draft of our request for them and send it around for comments/additions.
Potential things for CIRES to do:
Simply echo communications that come from OPM to reinforce the message at a more local level and possibly in more comprehensible language
Compile some data on recent phishing tactics and/or provide targeted cyber security training for employees. This should go beyond advice on protecting data in the first place. The info is already out there so how do we prepare ourselves for if it is used to target employees? What form might “attacks” take and how can they be combatted?
Communicate with people at DSRC who should be more informed as to the best steps to take.
Possibly helpful to send a copy of the form in question to employees to clarify what information was stolen? Many have forgotten what info exactly was supplied for background checks.
At this time OPM is still looking for a private contractor to provide the security monitoring but presumably we will be notified when that happens, CIRES could echo that information with clear recommended action items.
When possible security is increased greatly through the use of 2-step authentication. Many banks and other corporations can accommodate this.
CIRES employees that receive suspicious communications of any kind can always contact Nate’s team at “email@example.com” for advice.