<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link rel="stylesheet" href="/style.css" type="text/css" /> <script type="text/javascript" src="/jquery.min.js"></script> <title>CERN Computer Security Information</title> <script type="text/javascript">
$(document).ready(function(){
  // Menu highlight
  var path = location.pathname.split("/");
  if ( path ) {
    $('#main_menu a[href*="' + path[1] + '"][class!="noselect"]').addClass('selected');
    // path[3] = /security/<xxxxx>/
    $('#sidebar ul.sidemenu li[class!="noselect"]:has(a[href$="' + path.reverse()[0] + '"])').addClass('selected');
  }
  // Add icon to external links
  $('a[id!=logo-img]').filter(function() {
    return this.hostname && this.hostname !== location.hostname;
  }).after(' <img src="/images/external_link.png" alt="external link" title="external link"/>');
});
</script> </head> <body> <div id="wrap"> <div id="top-bg"></div> <!--header --> <div id="header"> <div id="logo-text"> <a id="logo-img" href="https://home.cern/"><img src="/images/CERNLogo2.png" width="59" height="59" style="margin: 10px" alt="CERN Logo"/></a><div id="logo-text-big"><a href="/home/en/index.shtml" title="">CERN Computer Security</a></div> </div> <div id="header-logo"><a href="/services/en/emergency.shtml"><img width=335 src="/images/emergency.png" alt="Computer Emergencies"/></a></div> </div> <!--header ends--> <div id="header-photo"></div> <!-- navigation starts--> <div id="nav"> <ul id="main_menu"> <li><a class="noselect" href="/home/fr/index.shtml"><img src="/images/fr.png" alt="FR"/></a></li> <li><a href="/home/en/index.shtml">Home</a></li> <li><a href="/rules/en/index.shtml">Computing Rules</a></li> <li><a href="/recommendations/en/index.shtml">Recommendations</a></li> <li><a href="/training/en/index.shtml">Training</a></li> <li><a
href="/services/en/index.shtml">Services</a></li> <li><a class="secured" href="/reports/en/index.shtml">Reports & Presentations</a></li> </ul> </div> <!-- navigation ends--> <!-- content-wrap starts --> <div id="content-wrap"> <div id="main"> <h2>Seven Good Practises for your Computer Security</h2> <p> <table> <tr> <th> <ol> <li><a href="#l1">Use operating systems provided by CERN's IT department</a></li> <li><a href="#l2">Protect your private and home computers</a></li> <li><a href="#l3">Be careful with e-mail & Web</a></li> <li><a href="#l4">Protect your passwords</a></li> <li><a href="#l5">Protect your files and data</a></li> <li><a href="#l6">Follow CERN Computing Rules</a></li> <li><a href="#l7">Let us help you</a></li> </ol> </th> <th> <a href="/training/en/Cyber Security Flyer (2010 EN).pdf"> <img src="Cyber Security Flyer (2010 EN).png"></a> </th> </tr> </table> </p> <h4><a name="l1"></a>1. Use Operating Systems provided by CERN's IT Department</h4> <p>At CERN, you are responsible for keeping your PCs properly protected and their operating system and applications up-to-date (see the <a href="http://cern.ch/ComputingRules">Computing Rules</a>). The easiest way to do so is to <b>use PCs managed centrally by CERN's IT department</b>. The IT department will then automatically ensure that the PC is secured, runs up-to-date anti-virus software, and that its operating system is properly patched.</p> <p>Please check here for further details on <a href="how_to_secure_your_pc.shtml">How to secure your PC or Mac</a>.</p> <h4><a name="l2"></a>2. Protect your Private and Home Computers</h4> <p>Many people at CERN use their private laptop or connect to CERN from their home PC. A weakly protected laptop or PC puts the CERN site, and your account, at risk. 
Therefore, we recommend that you use the <b>freely available CERN anti-virus software</b> for <a href="https://devices.docs.cern.ch/pss/eset-windows/">Windows</a> or <a href="https://devices.docs.cern.ch/pss/eset-mac/">Apple Mac</a>, apply software updates in a timely manner, and don't install any untrusted software. Also run without administrator privileges whenever possible - this restricts the damage malicious software can do. And don’t forget to lock your screen with a password when you leave your office.</p> <p>Please check here for further details on <a href="how_to_secure_your_pc.shtml">How to secure your PC or Mac</a>.</p> <h4><a name="l3"></a>3. Be careful with e-mail & Web</h4> <p>Despite the usefulness of the Internet and the World Wide Web, malicious people misuse it to (try to) compromise your PC. Visiting the "wrong" Web page is sufficient. Therefore, <b>don't click on suspicious links</b> (also in emails), don’t open unexpected or suspicious e-mails or attachments, and don't install untrusted plug-ins or applications.</p> <h4><a name="l4"></a>4. Protect your Passwords</h4> <p><b><i>"Your password should be treated like a toothbrush: you do not share it and you change it regularly!"</i></b></p> <p>No legitimate person will ever ask you for your password (or the PIN number of your Credit Card). Thus, never share them, beware of attempts to trick you into revealing your password ("phishing"), and don't reuse them - but use different passwords for different purposes. Also, do not provide your password to Web sites you do not trust, and do not type them on untrusted computers (e.g. in Internet Cafés). Finally, your password should be hard to guess and not be found in any dictionary. It should be at least 8 characters long and contain a mixture of capital and small letters, numbers and symbols. Choose a good one! </p> <p>Please find further details <a href="passwords.shtml">here</a>.</p> <h4><a name="l5"></a>5. 
Protect your Files and Data</h4> <p>May I read your salary sheet? Of course not. Please <b>restrict the access to your documents and folders</b> - in particular those containing sensitive or confidential information like meeting minutes, contracts, passwords, ... - and follow the principle of least privilege. Ensure that only those people who have a need to access your files and data can do so. Also respect copyrights of files and data - do not run file sharing applications like Bittorrent, eDonkey, Emule, or KaZaA.</p> <p>More details on file protection can be found here for <a href="/rules/en/afs.shtml">AFS</a> and for <a href="http://cerncourier.com/cws/article/cnl/38514">DFS</a>.</p> <h4><a name="l6"></a>6. Follow the CERN Computing Rules</h4> <p>At CERN, the individual users are responsible for securing their PCs, data, systems and services. By obtaining your CERN account, you have committed yourself to obey the <a href="http://cern.ch/ComputingRules">CERN Computing Rules</a>. Therefore, <b>follow these rules for using CERN's computing and network resources</b>. In particular, stop running any <a href="http://cern.ch/ComputingRules">restricted software</a> and respect the confidentiality and copyrights of data, music, videos and software applications. Also remember that the consultation of illicit (e.g. pornographic) material is not allowed and that the personal use of CERN’s computing facilities is tolerated only if the frequency and duration are limited and the resources used are minimal.</p> <h4><a name="l7"></a>7. 
Let us help you</h4> <p>The Security Team is there to help you and offers you, among others, <a href="/recommendations/en/index.shtml">recommendations & tips</a>, <a href="/training/en/index.shtml">training courses</a>, <a href="/services/en/index.shtml">code reviews, Web and servers scanning</a>.</p> <p>If you need help, have questions, or want to discuss issues around computer security then contact us at <a href="mailto:Computer.Security@cern.ch">Computer.Security@cern.ch</a> or check our <a href="http://cern.ch/security">other Web pages</a>.</p> </div> <!-- main ends --> <!-- SIDEBAR --> <!-- sidebar menu starts --> <div id="sidebar"> <h3>For All Users<br/> (Experts or Not)</h3> <ul class="sidemenu"> <li><a href="/recommendations/en/good_practises.shtml">Seven easy good practises</a></li> <li><a href="/recommendations/en/how_to_secure_your_pc.shtml">How to secure your PC or Mac</a></li> <li><a href="/recommendations/en/passwords.shtml">Passwords & toothbrushes</a></li> <li><a href="/recommendations/en/2FA.shtml">Starting with multi-factor authentication</a></li> <li><a href="/recommendations/en/bad_mails.shtml">Bad mails for you:<br/>"Phishing", "SPAM" & fraud</a></li> <li><a href="/recommendations/en/malicious_email.shtml">How to identify malicious e-mails and attachments</a></li> <li><a href="/recommendations/en/how_to_remove_malicious_browser_notifications.shtml">How to remove malicious browser notifications</a></li> <li><a href="/recommendations/en/working_remotely.shtml">Working remotely</a></li> <li><a href="/recommendations/en/connecting_to_cern.shtml">Connecting to CERN</a></li> <li><a href="/recommendations/en/ssh.shtml">Connecting using SSH</a></li> </ul> <h3>For Software Developers</h3> <ul class="sidemenu"> <li>Good programming in <a href="/recommendations/en/program_c.shtml">C/C++</a>, <a href="/recommendations/en/program_java.shtml">Java</a>, <a href="/recommendations/en/program_perl.shtml">Perl</a>, <a 
href="/recommendations/en/program_php.shtml">PHP</a>, and <a href="/recommendations/en/program_python.shtml">Python</a></li> <li><a href="/recommendations/en/password_alternatives.shtml">How to keep secrets secret<br/> (alternatives to passwords)</a></li> <li><a href="/recommendations/en/checklist_for_coders.shtml">Security checklist</a></li> <li><a href="https://gitlab.docs.cern.ch/docs/Secure%20your%20application/">GitLab CI Security Tools</a></li> <li><a href="/recommendations/en/web_applications.shtml">Securing Web applications</a></li> <li><a href="/recommendations/en/code_tools.shtml">Static code analysis tools</a></li> <li><a href="/recommendations/en/more_on_software.shtml">Further reading</a></li> </ul> <h3>For System Owners</h3> <ul class="sidemenu"> <li><a href="/recommendations/en/rootkits.shtml">Checking for rootkits</a></li> <li><a href="https://twiki.cern.ch/twiki/bin/viewauth/CNIC/WebHome">Securing Control Systems (CNIC)</a></li> <li><a href="/recommendations/en/containers.shtml">Securing Containers & Pods</a></li> <li><a href="/rules/en/baselines.shtml">Security baselines</a></li> <li><a href="http://linux.web.cern.ch/linux/docs/linux_exploit_faq.shtml"> The CERN Linux vulnerability FAQ</a></li> </ul> </div> <!-- sidebar menu ends --> <!-- content-wrap ends--> </div> <!-- footer starts --> <div id="footer-wrap"> <div id="footer-bottom"> © Copyright 2024<strong> <a href="https://cern.ch/security">CERN Computer Security Office</a></strong> <table> <tr> <td id="footer-info-left"> e-mail: <a href="mailto:Computer.Security@cern.ch">Computer.Security@cern.ch</a><br/> Please use the following PGP key to encrypt your messages:<br/> ID: 0x954CE234B4C6ED84<br/> <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/429D60460EBE8006B04CDF02954CE234B4C6ED84">429D 6046 0EBE 8006 B04C DF02 954C E234 B4C6 ED84</a> </td> <td id="footer-info-right"> Phone: +41 22 767 0500<br/> Please listen to the recorded instructions. 
</td> </tr> </table> </div> </div> <!-- footer ends--> </div> <!-- wrap ends here --> <!--img height=30px src="/home/en/CERNfooter_800.png"--> </body> </html>