Most users will be able to connect their own computers to the CERN network and thence to the Internet.
Under Attack
Just like any other organization, CERN is permanently under attack - even right now. Attackers seek to:
- Deface CERN's Web sites;
- Break into CERN's Web servers or into our computing services;
- Abuse CERN computing accounts, e.g., sending spam;
- Find confidential or sensitive information, such as that made accidentally public by CERN users who fail to protect their information properly.
Moreover viruses and worms sneak into the CERN office network - brought in by infected laptops, through malicious emails or Web sites - and then try to spread their infection to other computers.
Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work.
The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you.
Your Responsibility for Security
CERN's academic environment means freedom of choice and freedom of communication. As a user, you can choose which type of computer to use, what operating system to run, the applications to install, which programming language to use and what data to store, among others.
However, while this academic freedom makes for a very dynamic and innovative environment with new systems and services being deployed all the time, it also significantly increases security risks in our computing.
You, as a CERN user, have to make your contribution to computer security: You are responsible for the security and protection of your computers, the operating systems you run, the application you install, the software you program, the data you own - and the services and systems you manage. Therefore, you must ensure that you:
- Keep your system up-to-date. Enable the regular automatic installation of updates/patches. If you can, use operating systems managed by CERN's IT department.
- Use anti-virus software. The CERN anti-virus solutions is even free for your home and private usage.
- Do not install untrusted software. Indeed, software from untrusted sources may infect or comprosmie your computer or violate copyrights.
- Lock your screen with a password when you leave your office.
If your computer is compromised you must report the compromise to the CERN Computer Emergency Response Team (CSIRT).
General Good Practice
If your computer is compromised you are likely to be asked to format the disk and reinstall the operating system and all applications from the original media.
You can reduce the likelihood of having to reformat and reinstall not only by keeping up to date with patches and anti-virus etc., but by being sensible when you are using your computer for network-based activities such as email, instant messaging and web browsing. Sensible practices include:
- Do not open... unexpected or suspicious e-mails or attachments
- Stop-think-click. Do not click on suspicious links, but only click if you trust their origin
- Protect your passwords. Do not type them on untrusted computers or websites.
- Restric access to your documents and folders. This includes access to Web sites and Web applications, minutes of meetings, contracts, shared file spaces, software repositories, public or private folders
- Follow the principle of least priviledge. Ensure that only people who need access to your files and data can do.
- Do not run file-sharing applications... like BitTorrent, eDonkey, Emule, KaZaZa. In particular, respect copyrights.
Assistance & Support
The Computer Security Team is ready to help you, if you have any questions or would like advice.
The Security web site provides the Computing Rules you have to follow as well as recommendations & tips, and training material & sessions. In-depth help is available through the Frequently Asked Questions (FAQ) section and the list of security services provided by the Security Team. Reports & presentations give a separate view on the team's work.
In the academic environment at CERN, not everything can be prevented, protected or detected. You are an essential partner in helping to secure our computing environment.
At CERN, security is not complete without you.