Be diligent in protecting your account, data, and equipment.
The lab is going through a cyber-security audit this month, which will have a few phases. They’re going to be trying any number of things to test our defenses and our ability to recognize and deal with cyber threats. Social engineering/phishing is almost certain to be part of their toolkit, and at some point they’ll even have physical access to the building.
I’ll send another reminder as we get closer, but I wanted to make sure everyone was in the right mindset. The recent phishing attack simulation demonstrated there were some holes and that people can be fooled. So, let’s be on our toes. Lock down or lock up any equipment that’s going to be unattended. Don’t fall for password reset mails. Or phone calls.
Remember — nobody ever needs to know your password. As a system administrator, if I need to know your password, I can change it to something I know and tell you want it is. You should never need to reveal your password to anyway.