Cyber Security Awareness

Academic Freedom vs. Operations vs. Security

CERN Computer Security Team“Protecting Office Computing, Computing Services, GRID & Controls”

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

► Security is a strong asthe weakest link.There is no 100% security.

► CERN’s reputation andoperation are at stake……incl. your computer, data & documents.

► In CERN’s academic environment (as at home)You are responsible for the security ofyour computers, files, programs, services, ...— we are not.

► What comes next applies to CERN — and home!

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

u Your password is yours —only yours.

u Make it complex.

u Do not reuse it.

u Change it regularly.

u Also consider othercredentials.

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

u Stop — Think — Click.

u Do not open unexpectedor suspicious links,e-mails or attachments.

u Do not install untrustedsoftware or plug-ins.

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

u Keep all your systemsand software up-to-date.

u Run anti-virus software.

u Do not install untrustedsoftware.

u Lock your screen with apassword when leaving.

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

u Restrict access to yourdocuments and folders.

u Follow the principle ofleast privilege.

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

u Do not distribute or sharecopyrighted material.

u Refrain from file sharingapplications andfile hosting services.

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

u You committed to adhereto the Rules.

u Your activity must not beillegal, commercial,political, offensive, …

u Not allowed:consultation of porn orother illicit material.

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

u Don’t reinvent the wheel.

u Focus on your core work.

u Delegate your responsibility!Use central IT services &Let IT take care of security.

u Get training and help:https://cern.ch/securityComputer.Security@cern.ch

Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007

What links to www.ebay.com ?• http://www.ebay.com\cgi-bin\login?ds=1%204324@%31%33%37

%2e%31%33%38%2e%31%33%37%2e%31%37%37/p?uh3f223d

• http://www.ebaỵ.com/ws/eBayISAPI.dll?SignIn

• http://scgi.ebay.com/ws/eBayISAPI.dll?RegisterEnterInfo&siteid=0&co_partnerid=2&usage=0&ru=http%3A%2F%2Fwww.ebay.com&rafId=0&encRafId=default

• http://secure-ebay.comû

ü

û

û