Computer Security in ST Division - PowerPoint PPT Presentation

Eva Sanchez-Corral Mena (ST/MA) Uwe Epting (ST/MA) November ... Click CANCEL instead of OK. in unexpected web dialogue boxes. Do not answer unsolicited e-mail ... – PowerPoint PPT presentation


1
Computer Security in ST Division
  • CERN Computer Security Officer
  • Denise Heagerty (IT/DI)
  • ST linkpersons
  • Eva Sanchez-Corral Mena (ST/MA)
  • Uwe Epting (ST/MA)

2
Outline
  • Who is concerned?
  • Why is it important?
  • General Recommendations
  • Office Users
  • Control Systems
  • Additional Information

3
Computer Security in ST
  • Who is concerned?
  • Everybody !
  • Why?
  • Everybody is responsible for computer security on
    his/her machine
  • The law: Operational Circular No. 5
  • BUT two categories:
  • OFFICE
  • CONTROL SYSTEM

4
Why is it important?
  • Almost daily appearance of viruses
  • executable viruses
  • risk of destroying or manipulating your data
  • internet worms
  • risk of destroying data and network blocking
  • trojan horses, password spies
  • risk of (software) sabotage
  • risk of publishing of confidential data

5
General Recommendations
  • Do not open e-mail attachments
  • if you are not sure about their content
  • Click CANCEL instead of OK
  • in unexpected web dialogue boxes
  • Do not answer unsolicited e-mail
  • delete it
  • Do not run unknown software
  • Choose secure passwords
  • change them regularly
  • Avoid exposure of passwords and/or other
    confidential information
  • e.g. through unencrypted web-applications

6
Office Users
  • Use the central CERN environment for
  • NICE (Windows)
  • Linux
  • MacOSX
  • Apply security patches in a timely manner, and
    immediately when you are asked to do so.
  • assistance available: desktop support or C168
  • Follow the CERN security recommendations

7
Control Systems (1)
  • Some problems
  • not centrally managed
  • different Operating System flavours
  • cannot be stopped for updates
  • PLCs and HP workstations not covered by IT
    computer security
  • Nevertheless the "Responsible of the device" has
    to keep the systems secure!

8
Control Systems (2)
  • Some recommendations and ideas
  • run on the "technical network"
  • not directly accessible from outside CERN
  • disable unnecessary applications
  • like web, telnet, ftp, ..., and Office
    applications
  • choose correct network connection
  • NONE or OUTGOING, not INCOMING
  • limit/configure computers/PLCs that can talk to
    each other
  • personal firewalls, "filtering" gateways

9
Control Systems (3)
  • Foresee strategy for updates during operation
  • Installation of security patches
  • Operating system updates
  • Some ideas
  • redundant servers
  • spare server for temporary replacement
  • plan maintenance periods
  • allow short interruptions of system components
    without stopping the rest
  • plan time for downtime and disaster recovery
  • ensure backups and rollback possibilities

10
Control Systems (4)
  • Design your system to resist security scans
  • Some viruses do port scanning
  • Old systems can be excluded from IT security
    scans
  • foresee upgrades of those systems
  • Avoid generic logins
  • like cern, tcr, stcv, stel, ...
  • if really needed, restrict access rights to the
    absolute minimum
  • do system administration with a safe password
  • Keep a logfile
  • allowing the trace back of incidents
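
An added example (not part of the original slides) tying together two points from this slide: using a logfile to trace back incidents, and watching the use of generic logins. It assumes OpenSSH-style syslog lines; the log sample, host names and addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Generic account names listed on the slide; extend for your own site.
GENERIC_ACCOUNTS = {"cern", "tcr", "stcv", "stel"}

# Constructed sample in OpenSSH syslog style (hosts and addresses are made up).
SAMPLE_LOG = """\
Nov 12 08:01:13 ctrl01 sshd[411]: Accepted password for tcr from 192.0.2.10 port 50122 ssh2
Nov 12 08:05:40 ctrl01 sshd[420]: Accepted publickey for jdoe from 192.0.2.11 port 50200 ssh2
Nov 12 09:17:02 ctrl02 sshd[388]: Failed password for stcv from 198.51.100.7 port 40111 ssh2
Nov 12 09:17:09 ctrl02 sshd[388]: Accepted password for stcv from 198.51.100.7 port 40111 ssh2
Nov 12 10:30:55 ctrl01 sshd[502]: Accepted password for tcr from 192.0.2.44 port 51987 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssshd\[\d+\]:\s"
    r"(?P<result>Accepted|Failed)\s\S+\sfor\s(?:invalid user\s)?(?P<user>\S+)\s"
    r"from\s(?P<src>\S+)"
)

def parse(log_text):
    """Yield one dict per recognised sshd authentication line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()

def generic_login_report(log_text, accounts=GENERIC_ACCOUNTS):
    """Map each generic account to the events seen for it, in log order."""
    report = defaultdict(list)
    for ev in parse(log_text):
        if ev["user"] in accounts:
            report[ev["user"]].append((ev["ts"], ev["host"], ev["src"], ev["result"]))
    return dict(report)

def shared_use(report):
    """Generic accounts with successful logins from more than one source address."""
    out = {}
    for user, events in report.items():
        sources = {src for _, _, src, result in events if result == "Accepted"}
        if len(sources) > 1:
            out[user] = sorted(sources)
    return out

if __name__ == "__main__":
    rep = generic_login_report(SAMPLE_LOG)
    for user, events in sorted(rep.items()):
        print(user, events)
    print("used from several sources:", shared_use(rep))
```

A generic account that logs in successfully from several addresses cannot be attributed to one person from the log alone, which is why the slide asks for such logins to be avoided or tightly restricted.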

11
More information ...
  • IT Computer Security web pages
  • http://cern.ch/security
  • read especially
  • CERN's Computer Security Recommendations
  • Password Recommendations at CERN
  • Risks and how you can help to reduce them
  • Test your systems!
  • scans may be launched by IT on request

12
Questions ?