Fermilab Computer Security
Incident Reporting
|
Incidents which must be reportedAll employees and users are required to immediately report any suspicious incidents involving the security of Fermilab computers or networks, including apparent attempts at unauthorized access. Incidents which must be reported include computer- or network-related activity, internal or external to Fermilab, that may impact Fermilab's mission through, for example, the possibility of: loss of data; denial of services; compromise of computer security; unauthorized access to data that Fermilab is required to control by law, regulation, or DOE orders; investigative activity by legal, law enforcement, bureaucratic, or political authorities, or a public relations embarrassment. Where to reportIncidents at any hour should be reported to the Feynman Computing Center Customer Support Help Desk at 630-840-2345, or to the system manager if immediately available. System managers are expected to report incidents immediately that do not have a simple explanation based on normal routine operation of the system. If there clearly is no urgency, incidents may be reported by email to computer_security@fnal.gov. Investigation and Information DisclosureThe Fermilab Computer Incident Response Team (FCIRT), appointed by the CSExec, will investigate all reported incidents. The Head of FCIRT may assume full administrative control of affected systems until the incident is resolved, and may call on other technical experts for priority assistance. Employees and users must not disclose information resulting from a computer security incident without authorization. The head of the FCIRT and the CSExec, in consultation with the head of the Computing Division and the Public Information Office, will determine specific information to be disclosed to employees, users, other organizations, and the public. |
For assistance contact helpdesk@fnal.gov. |
