CERN Computer Security Information

Seven Good Practises for your Computer Security

  1. Use operating systems provided by CERN's IT department
  2. Protect your private and home computers
  3. Be careful with e-mail & Web
  4. Protect your passwords
  5. Protect your files and data
  6. Follow CERN Computing Rules
  7. Let us help you

1. Use Operating Systems provided by CERN's IT Department

At CERN, you are responsible for keeping your PCs properly protected and their operating system and applications up-to-date (see the Computing Rules). The easiest way to do is to use PCs managed centrally by CERN's IT department. The IT department will then automatically ensure that the PC is secured, runs an up-to-date anti-virus software, and that its operating system is properly patched. For the private usage/usage at home, the Windows operating system can be obtained here at decent costs.

Please check here further details on How to secure your PC or Mac.

2. Protect your Private and Home Computers

Many people at CERN use their private laptop or connect to CERN from their home PC. A weakly protected laptop or PC puts the CERN site, and your account, at risk. Therefore, we recommend you to use the freely available CERN anti-virus software for Windows or Apple Mac, apply software updates in a timely manner, and don't install any untrusted software. Also run without administrator privileges whenever possible - this restricts the damage malicious software can do. And don’t forget to lock your screen with a password when you leave your office.

Please check here further details on How to secure your PC or Mac.

3. Be careful with e-mail & Web

Despite the usefulness of the Internet and the World Wide Web, malicious people misuse it to (try to) compromise your PC. Visiting the "wrong" Web page is sufficient. Therefore, don't click on suspicious links (also in emails), don’t open unexpected or suspicious e-mails or attachments, and don't install untrusted plug-ins or applications.

4. Protect your Passwords

"Your password should be treated like a toothbrush: you do not share it and you change it regularly!"

No legitimate person will ever ask you for your password (or the PIN number of your Credit Card). Thus, never share them, beware of attempts to trick you into revealing your password ("phishing"), and don't reuse them - but use different passwords for different purposes. Also, do not provide your password to Web sites you do not trust, and do not type them on untrusted computers (e.g. in Internet Cafés). Finally, your password should be hard to guess and not be found in any dictionary. It should be at least 8 characters long and contain a mixture of capital and small letters, numbers and symbols. Choose a good one!

Please find further details here.

5. Protect your Files and Data

May I read you salary sheet? Of course not. Please restrict the access to your documents and folders - in particular those containing sensitive or confidential information like meeting minutes, contracts, passwords, ... - and follow the principle of least privilege. Ensure that only those people who have a need to access your files and data can do. Also respect copyrights of files and data - do not run file sharing applications like Bittorrent, eDonkey, Emule, or KaZaA.

More details on file protection can be found here for AFS and for DFS.

6. Follow the CERN Computing Rules

At CERN, the individual users are responsible for securing their PCs, data, systems and services. With obtaining your CERN account, you have committed yourself to obey the CERN Computing Rules. Therefore, follow these rules for using CERN's computing and network resources. In particular, stop running any restricted software and respect the confidentiality and copyrights of data, music, videos and software applications. Also remember that the consultation of illicit (e.g. pornographic) material is not allowed and that the personal use of CERN’s computing facilities is tolerated only if the frequency and duration are limited and the resources used are minimal.

7. Let us help you

The Security Team is there to help you and offers you, among others, recommendations & tips, training courses, code reviews, Web and servers scanning.

If you need help, have questions, or want to discuss issues around computer security then contact us at or check our other Web pages.