Brookhaven Cyber Security
ALWAYS BACKUP YOUR DATA. Keep the backups in a protected area. The more
critical the data the more often you should backup.
- Users ("data owners") are responsible for determining what data
requires protection and how their data is to be recovered if the online
copy is destroyed (either by accidental or malicious damage).
- Users may choose not to back up data, but if so they must make sure
they know how to recreate the lost data if needed.
- If backup is necessary then the users must coordinate a backup plan.
This may either be an individual backup done by the users themselves or
coordinated with the system managers into a regular system backup plan.
Information can be either Sensitive, Mission Essential, or Non-Sensitive
within the unclassified designation.
- Owners and managers are responsible for determining the sensitivity
of their applications and/or facilities.
- For information and guidance in the handling of sensitive and
mission essential applications, contact the BNL Chief Cyber Security
Personal computers and sensitive information are popular targets for
theft. Properly protecting them is essential.
- Lock office when you are away or out of the office for any period of
- If your computer contains sensitive and/or mission essential
information, it must be kept in a locked area. For additional guidance
on handling sensitive and/or mission essential equipment/information and
for an appropriate risk assessment, contact the BNL Chief Cyber Security
- Facilities that process sensitive or mission essential information
must have locked doors, limited access, and sign-in sheets.
- BNL computers used off-site are to be protected from unauthorized
use and theft.
Computer Security incident can range from a simple virus to the
disclosure of sensitive information. Incidents can be minor, important, or
- All employees and users are required to immediately report any
suspicious incidents involving the security of the Laboratory computers
or networks, including apparent attempts at unauthorized access.
- Incidents should be reported to the Cyber Security Incident Response
Team (CSIRT) at x8484, or to the System Manager if immediately
- Refer to Procedures for Reporting Computer
Security Incidents for details.
Software is intellectual property and as such is protected by U.S.
- Purchasers of software have the responsibility for obeying the
- Making additional copies of software or installing software on more
computers than are covered by the license agreement is illegal.
- By Signing the BNL Computer Use
Agreement, the user is acknowledging that he/she has read,
understands, and agrees to comply with the copyright and licensing laws
governing the use of Brookhaven National Laboratory computing resources.
Protecting your computer and disks from viruses is important to prevent
damage to the system and/or files.
- PC & MAC users can obtain a virus checker from the Anti-Virus
procedures web page.
- Do not put a diskette of unknown origin into your PC unless you have
checked it with a virus checker.
- Don't assume a disk is safe. Always check it for viruses prior to
Most computer security incidents can be traced to bad/improper password
choice or management.
- Computer Users are responsible for following the BNL password
procedures developed in accordance with DOE guidelines.
If you have an account on a multi-user computer or network, you are
responsible for ensuring that your account is used responsibly and only for
BNL approved work.
- All accounts should be password protected.
- Accounts that will not be used for 12 months or more shall be
- System managers shall remove or deactivate accounts with passwords
that do not meet with BNL policy.
- Accounts shall only be used for official BNL business.
If you have a question that is not addressed in these pages, please send
an email to
Last Modified: September 1, 2011
Please forward all questions about this site to: