Computer Security Statement
4-Sep-2015, E. McCrory
A reminder: It is lab policy for members of the Computing Sector to wander about the laboratory, looking for unsecured computers. To secure your computer and the area around you do as many of these things as practical for you:
- Lock your computer physically to something big (your desk, plumbing)
- Use the screen lock every time (Windows PC’s have this strictly enforced; be sure that your MAC and your Linux box do this, too)
- Lock your office
- Log out of root/admin accounts when you are done with them (and you should only use these elevated privilege account for the moment or two that you really need them)
On a related topic, question strangers who are in your area (and always question Greg Cisko and Jason Ormes – these are the folks that have done the last two “wanderings”). You have the right to ask to see someone’s Fermilab ID, and you have the right to ask them to leave or to call security.
They also reported that, as we all know, email “phishing” is getting more clever every day. If your mail comes through “fnal.gov”, you have a pretty good level of protection. What they are observing now, however, is that many (most?) of us have external email accounts (gmail, Comcast, etc.) that we check at work (which is perfectly OK), but these accounts do not have NEARLY the same level of filtering that your fnal.gov account has. They said that, specifically, they are seeing viruses get into, and/or be propagated by, Mac computers and the source is an external email account. Thus, be extra careful when looking at your external email accounts.
Bottom line: Lock your computer and, unless you are sure of the source, don’t click on links or open attachments in emails.