Summer has arrived. And with it, 2017’s summer students. Welcome to CERN! Ahead of you are two months of great lectures, challenging projects, the possibility to expand your network of peers… and lots of fun! In order to make sure that the fun lasts to the end, here is a small plea from the CERN Computer Security team to you and your supervisor.
CERN runs an open IT environment like you might be used to at your university. You can bring your own computers/tablets/smartphones and hook them up to our Intranet. A CERN e-mail address will be assigned to you. You can launch your own personal homepage hosted by CERN. You can instantiate virtual machines and play around with your pet IT project. Lots of freedom, lots of flexibility. But this does not imply that CERN is the Wild West. Please note that CERN has a set of Computing Rules, which define the extent of your freedom and flexibility. They usually stop where the operations and reputation of the Organization are at stake. So the browsing or downloading of illegal, unethical or offensive web content is not permitted. This includes pornographic material of any kind. Running software illegally or using pirated licence keys for software installed on your computer or a computer used by you is also not allowed. CERN has encountered some problems with this in the past (see our article “Do you have 30 kCHF pocket money?”. Furthermore, please refrain from sharing music, videos, films, games or software with your peers, friends and families while using CERN’s networks. Generally speaking, such file sharing is considered to be a copyright violation in various ways in different European countries, including in the two CERN host states, and can affect our reputation in a negative way (see “Music, Videos and the Risk for CERN”). Last, but not least, any political, commercial or profit-making activity, if not related to your CERN duties, should be managed from outside the CERN network and should not use any CERN resources (e-mail addresses, websites, etc.). Just be reasonable!
Finally, if you happen to be working on a project linked to IT, like developing software, designing a webpage, deploying a database… please do not try to reinvent the wheel. We have seen too many brilliant developments fail after the originator left CERN and the project was left in limbo. So if you are working on a project developing code, get the appropriate training first so that your software is “free” of bugs and vulnerabilities that may spoil the functionality of your code and your program. If you have been asked to set up a database or a web server, consider the solutions offered by CERN’s IT department first (the full catalogue is available here: they provide a database-on-demand service as well as various web services for free. No need to mess around with hardware, operating systems, web servers and the like – simply create your webpages! Also note that the use of external services (i.e. web services outside CERN) is not recommended from a computer security perspective. If you have any doubts or need help designing and structuring the computing part of your project, get in touch with us at Computer.Security@cern.ch. For those of you who are engaged in mathematical simulations, engineering tasks or the design of control systems: CERN provides a portfolio of engineering applications for free. There is no need to download additional software from the Internet. If you do need to, contact Software.Licences@cern.ch first, as that software might come with licence costs or may violate the copyright of third parties.
With those few reasonable basics in mind: enjoy your time at CERN!
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, visit our website or contact us at Computer.Security@cern.ch.