Drupal Security

Posted on: March 30, 2018

A couple of weeks ago, I mentioned attending the Data Center World Conference and the importance of continued professional development. Now that I have had time to settle back in and reflect a bit, I wanted to share some of that experience.  The DC World Conference is presented by AFCOM, an industry association that advances the mission for data center and IT infrastructure professionals.  I am a member of AFCOM’s advisory board, so it is a chance to network with board members and, this year, a chance to sit in on a panel regarding the advisory board role and things “data center.”  That aside, when choosing a conference or association meeting, I hope to have a good chance of walking away with new knowledge, new skills, and an enhanced professional network that I might call on when needed. 

More than 2,000 Data Center, Facilities, and IT Infrastructure Professionals attended the Conference. The conference organizers sought presentations not just from industry experts but also pulled from the association membership to create an agenda that focused on real solutions to key challenges in running a data center, its network, and the infrastructure that supports. The agenda offered numerous learning objectives and opportunities around current data center hot topics.

A valuable insight I walked away with is that the Internet of Things (IoT) is growing at a pace much beyond what was expected.  Raise your hand if 5 years ago you thought our refrigerators would soon be connected to the internet?  For the data center, that connection is mechanical, electrical, and environmental controls that monitor critical infrastructure (like electrical switch gear, UPS, cooling equipment). The “keep me up at night moment” is that the growth of IoT has and will continue to have an impact on the security of the data that resides in or passes through these environments.  As a steward of that data, we need to find new ways to ensure it is well protected. 

And I did meet my goal of walking away with new knowledge, skill, and a very important, expanded professional network.

Before leaving for the weekend… I want to send out a huge thanks to the Applications Drupal Team:  Jason Watson, Joe Goodman, Leopoldo Reynaga, Michael Marsello, Jana Tate, Richard Hastie, Tyler Fahey, Mark Fullmer, and team lead, Paul Grotevant. The Drupal Team was recently made aware of and was able to remediate an unprecedented Drupal security issue within four hours. Actions included:

·         Preparing a mitigation and backup/recovery plan for all of our supported sites in advance

·         Updating the UT Drupal Kit on Pantheon within 30 minutes of the update being made available

·         Releasing a packaged version of the UT Drupal Kit

·         Updating 34 non-QuickSites codebases across all kinds of platforms

·         Updating 29 live QuickSites instances

·         Providing community assistance via Slack, email, and other channels to developers and site owners with questions or problems

·         Communicating before and throughout the event with all of our customers to let them know what would happen and when

·         Coordinating with the UT Web team to make sure they were aware of the event

·         Reaching out to UT Drupal Kit site owners on UT Web to make sure they were aware of the event

Quick, very thorough work went into ensuring our campus Drupal sites are patched, updated, secure, and safe.  Efforts such as this prove our value over and over again. 

 

Awesome work, team!