Security Essentials for Fermilab System Administrators Wayne Baisley Computer Security Awareness Day 10 November 2015.


Security Essentials for Fermilab System Administrators 11/10/15Security Essentials for Fermilab System Administrators2

Why Computer Security?

Why Computer Security?

The State Of All The Things

I Hear You Knocking

I Hear You Knocking

I Hear You Knocking

Who’s Not Answering Their Phone?

Gone Phishin’

Gone To China

Large Takeout Order
This past summer, the Office of Personnel Management's computers were hacked in what investigators believe was a Chinese operation. Security clearance information on 21 million Americans was stolen, including the kind of information that could be used to blackmail people with top-secret clearances.

Recent News
Be very careful with Amazon AWS and EC2 account credentials.

Recent News
Be very careful with Amazon AWS and EC2 account credentials.

Recent News
Linux.Encoder.1 Ransomware
- AES with symmetric key
- Key asymmetrically encrypted with RSA
- Easily broken because ~1-bit entropy for AES key (REAMDE.TXT)
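An added illustration of the slide's point about the weak AES key (not part of the presentation): assuming, as public analyses of Linux.Encoder.1 reported, that the key came from a non-cryptographic PRNG seeded with the time of encryption, a file timestamp bounds the seed and the key falls to a short search. Python's `random` stands in for libc `rand()`, a hash-based check value stands in for trial decryption of a known header, and all names and timestamps are constructed.

```python
import hashlib
import random
import secrets

KEY_LEN = 16  # AES-128 key length in bytes


def key_from_time_seed(seed: int) -> bytes:
    """Weak pattern: key bytes from a non-cryptographic PRNG seeded with a timestamp.
    (Python's random is a stand-in for libc rand(); an assumption of this example.)"""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(KEY_LEN))


def strong_key() -> bytes:
    """Correct pattern: key bytes from the operating system's CSPRNG."""
    return secrets.token_bytes(KEY_LEN)


def key_check_value(key: bytes) -> bytes:
    """Stand-in for 'this key decrypts a known file header correctly'."""
    return hashlib.sha256(b"kcv:" + key).digest()[:8]


def recover_key(kcv: bytes, file_mtime: int, window: int = 3600):
    """Try every seed from file_mtime back to file_mtime - window.
    Returns (seed, key, tries), or None if no seed in the window matches."""
    for tries, seed in enumerate(range(file_mtime, file_mtime - window - 1, -1), 1):
        key = key_from_time_seed(seed)
        if key_check_value(key) == kcv:
            return seed, key, tries
    return None


# Constructed scenario: key generated at T, encrypted file last written 42 s later.
T = 1_447_113_600
FILE_MTIME = T + 42


def demo():
    weak = key_from_time_seed(T)
    hit = recover_key(key_check_value(weak), FILE_MTIME)
    miss = recover_key(key_check_value(strong_key()), FILE_MTIME)
    return weak, hit, miss


if __name__ == "__main__":
    weak, hit, miss = demo()
    print("time-seeded key recovered after", hit[2], "tries:", hit[1] == weak)
    print("CSPRNG key recovered from the same window:", miss is not None)
```

With the default one-hour window the search covers 3,601 candidate keys instead of 2^128, which is why a key drawn from `secrets` (or any OS CSPRNG) is not found by the same search.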

Recognize | Reduce | Recover
Risk And Our Responsibilities

Recognize | Reduce | Recover
Risk And Our Responsibilities

Recognizing Risks
- High Bandwidth
- Enormous Storage
- Posh .gov Location

Recognizing Risks
- High Bandwidth
- Enormous Storage
- Posh .gov Location
- Nothing Marketable

Recognizing Risks
- IP & warez
- SPAM
- Malware
- Botnets
- DDoS attacks
- Website defacement

Recognizing Risks
- Stolen Credentials
- Destruction Of Data
- Waste Of Bandwidth
- Waste Of Time
- Frustration

Recognizing Risks
- Default root/admin privs
- Visiting malicious sites
- Watering Hole infections
- Visitor systems
- Promiscuous USB sharing
- Lack of gruntlement

TLAs
- Integrated Security Management (ISM)
- Defense In Depth (DID)

ISM: Reducing Risks
“The security goes in before the service goes on.”

DID: Perimeter Controls
- Protocols blocked at border
- Proxies
- Transient blocks (from phishing campaigns, e.g.)
- Blackhole routes for systematic & scattershot probes
- Mail virus scanning
- Web malware scanning

DID: Central Authentication
- Primary passwords off the net
- Single turn-off point … well, dual-point … actually three … um, four …
- No visible services w/o Strong Auth
- Lab systems scanned for compliance

DID: Services Accounts
Un-Kerberizable:
- Service Now
- Kronos
- FermiWorks
- Exchange
- …

Patch/Configuration Management
- Baselines: Linux, Mac, Windows
- All systems must meet their baseline
- All systems must be regularly patched
- Non-essential services should be off
- Windows, especially, must run AV (But especially Macs. But especially Windows.)

Patch/Configuration Mgmt
Exceptions/Exemptions:
- Document case on why OS is "stuck"
- Patch and manage as securely

Grid Security Training
- Grid Sysadmin
- GUMS/VOMS Admin
- Griddleware Developer
Security Essentials for Grid System Administrator

Major Applications
- Critical to the mission of the Laboratory
- Most things do not fall in this category
- Very stringent rules & procedures
- You'll know if you're in this category

Minor Applications
- Important to the mission of the Laboratory
- Most things do not fall in this category
- Stringent rules & procedures
- You'll know if you're in this category

Central Logging
- Use clogger
- Attackers will sanitize local logs
- Aids forensic investigations
- Problems may get noticed earlier, esp. full /var

Critical Vulnerabilities
- Active exploits declared critical
- Pose a clear and present danger
- Must patch by a given date, or be blocked
- Handled via TIssue events
- Similarly, OS End-Of-Life

AV Alerts & Automatic Blocking
- Some bad viruses cause an immediate block
- May require a Wipe+Reinstall
- If not, an offline scan is performed
- May be returned to service, if successful
- Inconvenience is unavoidable, alas

Computer Security Incidents
- Report suspicious/urgent events to x2345 or
- Follow FIR instructions during incidents
- Leave the systems running, but
- Keep infected machines off the network
- Preserve system for expert investigation
- Not to be discussed!

Fermi Incident Response (FIR)
- Triage initial reports
- Coordinate investigation
- Work with local sysadmins and experts
- May take control of affected systems
- Maintain confidentiality

Software Licensing
Fermilab is strongly committed to respecting intellectual property rights. Use of unlicensed commercial software is a direct violation of lab policy.

Prohibited Activities
- “Blatant disregard” of computer security
- Unauthorized or malicious actions
  - Damage of data, unauthorized use of accounts, denial of service, etc., are forbidden
- Unethical behavior
  - Same standards as for non-computer activities
- Restricted central services
  - May only be provided by approved service owners
- Security & cracker tools
  - Possession (and use) must be authorized
See

Activities to Avoid
Large grey area, but certain activities are “over the line”:
- Illegal
- Prohibited by Lab or DOE policy
- Embarrassment to the Laboratory
- Interfere with performance of job
- Consume excessive resources
Example: P2P (peer-to-peer) software like Skype and BitTorrent: not explicitly forbidden but very easy to misuse!

Licensed or Copyright Material
Using Fermilab resources to obtain, possess, or distribute it without a license to do so is in most cases a violation of several laws and Fermilab policy.
- This includes but is not limited to Video, Audio, Images and Software.
- Do not download it via BitTorrent, newsgroups, the web, or any other means.
- Do not borrow physical media and use Fermilab resources to copy it.
The Laboratory can be held legally and financially liable for these actions.

Bit Piracy

Computing Policy Violation Consequences
- Forfeiture of computing equipment for analysis and reporting
- Loss of computing privileges (accounts, network access, etc.)
- Supervisory / Senior Management notification for adjudication
- Legal ramifications
- Possible punitive actions

Mandatory Sysadmin Registration
- All Sysadmins must be registered
- Primary Sysadmin responsible for configuring & patching
- -> "Verify your node registration"

Sysadmins Get Risk-Roled
- System manager for security
- Assist and instruct users to do it right
- Vigilant observer of your systems (and sometimes users’) behavior

Data Backup Policy For Users
- Decide what data requires protection
- How to be recovered, if needed
- Arrange backups with sysadmins
- Or do your own backups
- Periodically test retrieval

The Incidental Computist
Some non-Lab-business use is allowed:
- I prefer personal phone/tablet via an external network.
- Note, however, that outside personal accounts don’t go through the AV scanners.
- Webmail does get scanned passing through the border router.

Data Privacy
- Generally, Fermilab respects privacy
- You are required to do likewise
- Special cases for Sysadmins during Security Incidents
- Or written Directorate approval

Privacy of and Files
May not use information in another person’s files seen incidental to any activity (legitimate or not) for any purpose w/o explicit permission of the owner or "reasonable belief the file was meant to be accessed by others."

Offensive Materials
- Material on computer ≈ Material on desk
- A line management concern
- Not a computer security issue per se

Summary: User Responsibilities
Of particular concern is illegally downloaded material:
- Copyrighted works such as movies, shows, books
- Licensed programs and data
- Otherwise illegal files
The Lab doesn’t need the liability.

Summary: User Responsibilities
- Appropriate use of computing resources
- Prompt incident reporting
- Proper PII handling (separate training)
- Know how your data is backed up
- Respect privacy of electronic information

Summary: Admin Responsibilities
- System registration
- AV, patching, configuration mgmt
- Strong Authentication access control
- No restricted services ( , dns, etc.)

Questions?
for questions about security policy
for questions about security incidents

Security Essentials for Fermilab System Administrators

Everything Is Important