Computer Security & Appropriate Use
Computer security within the Physics Division means not allowing
unauthorized access to our computers, especially to hackers. To
operate securely, each of us using computers must be aware of the
status of the computers we control.
Anyone with a desktop or laptop
computer attached to our network must have completed
Cyber Security Awareness Training.
For most computers, we require that you keep your system up-to-date
with system security patches. If you can no longer patch your machine, it
will be disconnected from the network.
For a Windows computer, there are particular requirements:
- All Windows computers on the ORNL network must be owned by ORNL and managed by ORNL ITSD staff using the SCCS system.
- Any exceptions to this must be documented and expressly permitted. ORAU and UT computers can be easily granted this exception.
All ORNL-owned portable data processing devices must be encrypted
No portable device may contain protected, personnally identifiable information. Many laptop computers have left on travel, only to return with the latest worm or virus. YOUR attention to the security of laptops must not stop when you leave your office.
To attach a new device to the network, either
- Use the Network Registration System
- Call Helpline: 241-6765, or helpline@ornl.gov.
ORNL guidance on security and appropriate use
The following standards describe ORNL requirements on computer owners and users:
Telecommunications from offsite
We require that you use secure communications from home for remote terminal applications. These days that means SSH, with many free and not free clients available for Windows, Macintosh or Unix systems, or the ORNL VPN.
Resources
