Physics Division
Computer Systems Security and Appropriate Use
Computer security within the Physics Division means not allowing
unauthorized access to our computers, especially to hackers. To
operate securely, each of us using computers must be aware of the
status of the computers we control. Anyone with a desktop or laptop
computer attached to our network must have completed
Cyber Security Awareness Training.
For most computers, we require that you keep your system up-to-date
with system security patches. If you can no longer patch your machine, it
will be disconnected from the network.
For a Windows computer, there are particular requirements:
- you must install and run an up-to-date virus
checking program, which updates
automatically. The laboratory has an agreement for McAfee Virusscan
which can be obtained through
SPUDS
- you must install and run
ePo
to permit the lab to monitor your compliance with the requirements.
ePo is capable of reporting the status of McAfee or Norton anti-virus
products.
- You must either
It is most important that laptops and desktop computers on our network
be kept up-to-date in these areas.
Many laptop computers have left on travel, only to return with the latest
worm or virus. YOUR attention to the security of laptops must not stop
when you leave your office.
Attaching new computers
If a new computer is to be attached to our network, the owner must
demonstrate that it has the latest patches, fully up-to-date virus
protection and a full scan of all local drives, before it is
installed on the network.
ORNL guidance on security and appropriate use
The following
standards describe ORNL requirements on computer owners and users:
Telecommunications from offsite
We require that you use secure communications from home for remote
terminal applications. These days that means SSH, with many free and
not free clients available for Windows, Macintosh or Unix systems, or the
ORNL VPN.
