Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Essentials for Desktop System Administrors.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Essentials for Desktop System Administrors."— Presentation transcript:

1 Security Essentials for Desktop System Administrors

2 Outline F Why Computer Security F Fermilab Strategy: –Integrated Computer Security –Defense in Depth F Your role and special responsibilities as a user and system administrator F Other Computing Policy Issues –Data backup –Incidental use –Privacy –Offensive material –Licensing

3 Why Computer Security F The Internet is a dangerous place –We are constantly being scanned for weak or vulnerable systems; new unpatched systems will be exploited within minutes. F Fermilab is an attractive target –High network bandwidth is useful for attackers who take over lab computers –Publicity value of compromising a.gov site –Attackers may not realize we have no information useful to them

4 Why Computer Security - 2 F We need to protect –Our data –Our ability to use our computers (denial of service attacks) –Our reputation with DOE, Congress and the general public F Major sources of danger –Running malicious code on your machine due to system or application vulnerabilities or improper user actions –Carrying infected machines (laptops) in from off site

5 FNAL Strategy F Integrated Security Management F Defense in Depth –Perimeter Controls and auto blocking –Mail gateway virus scanning –Strong Authentication (Kerberos) –Critical System plans –Critical vulnerabilities –Prompt response to computer security incidents (FCIRT) –Intelligent and informed user community

6 Integrated Security Management F Computer Security is not an add-on or something external, it is part and parcel of everything you do with computers (analogy with ES&H) F Not “one-size-fits-all”, but appropriate for the needs and vulnerabilities of each system F In most cases, it is simply common sense + a little information and care F Each Division/Section or large experiment has a GCSC (General Computer Security Coordinator) who acts as liaison with the Computer Security Team in disseminating information and dealing with incident; see http://computing.fnal.gov/security/ for an up to date list http://computing.fnal.gov/security/

7 Strong Authentication F Avoid disclosure of passwords on the network F No network services (logon or read/write ftp) visible on the general internet can be offered with out requiring Kerberos authentication (unless a formal exemption is applied for and granted) F Kerberos provides a single sign in, minimizing use of multiple passwords for different systems F Lab systems are constantly scanned for violations of this policy

8 Critical Systems F Defined as “critical to the mission of the Laboratory”, i.e. disruption may have major impact on Laboratory operations; –Most things do not fall in this category; F Special (more stringent) rules & procedures apply; –Including periodic reviews; F You’ll know if you’re in this category;

9 Critical Vulnerabilities and Vulnerability Scanning F Certain security vulnerabilities are declared critical when they are (or are about to) being actively exploited and represent a clear and present danger F Upon notification of a critical vulnerability, systems must be patched by a given date or they will be blocked from network access

10 Computer Security Incidents F Mandatory incident reporting; –Report all suspicious activity: If urgent to FCC Helpdesk, x2345, 24x7 Or to system manager (if immediately available) Non-urgent to computer_security@fnal.gov –Incidents investigated by Fermi Computer Incident Response Team (FCIRT); –Not to be discussed!

11 FCIRT (Fermi Computer Security Incident Response Team) F Security experts drawn form throughout the lab F Investigate (“triage”) initial reports; F Coordinate investigation overall; F Work with local system managers; F Call in technical experts; F May take control of affected systems; F Maintain confidentiality;

12 Other Rules for General Systems F “Blatant disregard” of computer security; –First time warning, repeat offense disciplinary action; F Unauthorized or malicious actions; –Damage of data, unauthorized use of accounts, denial of service, etc., are forbidden; F Ethical behavior; –Same standards as for non-computer activities; F Restricted central services; –May only be provided by Computing Division; F Security & cracker tools; –Possession (& use) must be authorized;

13 Mandatory System Manager Registration F System managers must be registered with FCSC F See: http://www.miscomp.fnal.gov/sysadmindb

14 Your role as a user and system administrator F Sysadmins are on the “front line” of computer security: “Fermilab’s continuing policy has been to put its first line of defense at the individual responsible for the data and the local system manager.” F Three roles for a sys admin: –System manager (configure system, remove unneeded services, apply patches promptly); –examples for users; –vigilant observers of system (and sometimes user) behavior F Sysadmins are expected to communicate computer security guidelines and policies to the users of systems they administer; F Most important: know how to tell what services are running on your desktop, turn off those not needed, know where you are getting your patches from (FERMI domain, Patchlink, yum, Microsoft, …)

15 Role of sysadmins F Manage your systems sensibly, remaining aware of computer security while conducting everyday business F Advise and help users F Keep your eyes open F Report potential incidents to FCIRT F Act on relevant bulletins

16 Your role as a computer user F Guard against malicious code in email –Don’t open attachments unless you are sure they are safe –Don’t trust who email is from –Updated and enabled virus signatures F Guard against malicious code from web browsing F Obey Strong Authentication Policy (Kerberos) –Don’t run network services (login or read write ftp) unless they demand Kerberos authentication –Treat your kerberos password as a sacred object (never expose it over the network) F Promptly report potential computer security incidents –X2345 or computer_security@fnal.govcomputer_security@fnal.gov –Follow FCIRT instructions during incidents (especially about keeping infected machines off the network and preserving the status of an infected machine for expert investigation)

17 Other Computing Policy Issues F Data backup F Incidental use F Privacy F Offensive material F Licensing

18 Data Backup Policy - Users –Users (data owners) responsible for determining: What data requires protection; How destroyed data would be recovered, if needed; Coordinating backup plan w/ sysadmins; –or doing their own backups; If the backup is done for you it might be worth occasionally checking that you can really retrieve the data

19 Incidental Computer Usage F Fermilab permits some non business use of lab computers F Guidelines are at http://computing.fnal.gov/security/ProperUs e.htm http://computing.fnal.gov/security/ProperUs e.htm

20 Activities to Avoid F Large grey area, but certain activities are “over the line”; –Illegal; –Prohibited by Lab or DOE policy; –Embarrassment to the Laboratory; –Interfere w/ performance of job; –Consume excessive resources;

21 Privacy of Email and Files F Fermilab normally respects the privacy of electronic files and email; F Employees and users are required to do likewise; F Certain exemptions for system managers and computer security response; F All others must have Director(ate) approval;

22 Privacy of Email and Files F May not use information in another person’s files seen incidental to any activity (legitimate or not) for any purpose w/o either explicit permission of the owner or a “reasonable belief the file was meant to be accessed by others.” –Whether or not group/world accessible; –“Group” files implicitly may be used by the group for the mission of the group;

23 Offensive Material on computers F Many “computer security” complaints are not; F Material in a computer is like material in a desk; –With respect to both privacy and appropriateness; F This is a line management, not computer security, concern (except in egregious cases).

24 Software Licensing F Fermilab is strongly committed to respecting intellectual property rights F Any use of unlicensed commercial software is a direct violation of lab policy

25 Questions? F gaines@fnal.gov gaines@fnal.gov F nightwatch@fnal.gov for questions about security policy nightwatch@fnal.gov F Computer_security@fnal.gov for reporting security incident Computer_security@fnal.gov F http://computing.fnal.gov/security http://computing.fnal.gov/security

Download ppt "Security Essentials for Desktop System Administrors."

Similar presentations

Chapter 1 - 1 ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.

Chapter ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.
Northside I.S.D. Acceptable Use Policy 2009-2010.

Northside I.S.D. Acceptable Use Policy
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Basic Computer Security. Outline F Why Computer Security F Fermilab Strategy: –Integrated Computer Security –Defense in Depth F Your role and responsibilities.

Basic Computer Security. Outline F Why Computer Security F Fermilab Strategy: –Integrated Computer Security –Defense in Depth F Your role and responsibilities.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Basic Computer Security. Outline F Why Computer Security F Fermilab Strategy: –Integrated Computer Security –Defense in Depth F Your role and responsibilities.

Basic Computer Security. Outline F Why Computer Security F Fermilab Strategy: –Integrated Computer Security –Defense in Depth F Your role and responsibilities.
Security Essentials for Fermilab System Administrators.

Security Essentials for Fermilab System Administrators.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
VISD Acceptable Use Policy

VISD Acceptable Use Policy
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
THE WONDERFUL HISTORY OF COMPUTERS FROM THE BEGINNING HARDWARE, SOFTWARE,SAFTEY, AND COMPUTER ETHICS.

THE WONDERFUL HISTORY OF COMPUTERS FROM THE BEGINNING HARDWARE, SOFTWARE,SAFTEY, AND COMPUTER ETHICS.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.

Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.
Fermilab Computer Security Awareness Day November 2012 Basic Computer Security.

Fermilab Computer Security Awareness Day November 2012 Basic Computer Security.

Similar presentations

Ads by Google