Computer Security: How to avoid being disturbed during your holidays

Abraham Smith

Aloha! Do you enjoy the sun? The beach? Mountains? A cocktail? To eat out? Theatre? Are you enjoying a relaxing time away from work – both physically and mentally? Here are a few tips on how to achieve that and enjoy the perfect break.

In the past few weeks – during the summer holiday season! – We had to process a number of requests for access to personal data. The requests were made by colleagues and supervisors desperate for analysis code, design papers, documentation, software snippets, and so on. Unfortunately, this data was buried deep in each person’s personal folders or stored on private devices that were turned off for their own holiday vacations. Because CERN values ​​your privacy, gaining access to this data is not that easy. And you may need to take action on Aloha Beach to grant access.

Access to personal data stored at CERN or on CERN-owned devices is governed by the CERN Computing Rules (OC5) and in particular by the Supplementary Rule on Third-Party Access to User Accounts and Data. Depending on the nature of the data, access to it may require the express authorization of the Director General. Only if the files can be clearly and unequivocally related to professional business (as indicated by the file name) can the computer security officer, in its sole discretion, recommend that the data storage service providers release the files. But before you go down either of those routes – contacting the general manager or sorting by filename – the process also affects you as the data owner. Can we reach you? Can we verify your identity? Can we get your consent? If so, good news for us.

But not so good news for you. tear you out of your holiday dreams. From sandy Aloha Beach back to reality. From sunny weather back to the office. Out of the theater onto the work platform. A little nuisance of a break in your well-deserved break. “Aloha? Sorry to bother you.”

A much better solution is to store all your professional data in central locations: files and analysis should be in EOS (or AFS) project folders (ie “/eos/project-[A-Z]”, “/eos/experiment”, “/afs/cern.ch/project” and “/afs/cern.ch/exp/” ) or on shared areas on CERNbox, all documentation should be stored in CDS, EDMS or Indico and your professional software should be in the CERN GitLab repository. Incidentally, the same applies to the professional data of your students and colleagues who are leaving the organization to face new challenges. Ensure that all your professional data, documents, projects, software, analyses, duplicates, etc. are handed over to you in an orderly, consistent and complete manner (if not already stored in the central locations mentioned above). While we grant a grace period of six months, the data in each personal folder will then be irrevocably deleted – and with it all the professional data in it.

Additionally, all professional devices, virtual machines, services, databases, websites, e-groups, and project folders should be managed by more than just you so they can take over while you’re on Aloha Island. And you won’t be disturbed during your vacation… Aloha!

_____

Interested in learning more about computer security incidents and issues at CERN? Follow our monthly report. For more information, questions or help, visit our website or contact us at [email protected].

Leave a Reply

Your email address will not be published. Required fields are marked *