Dispatches From The Geeks

News and Announcements from the MCS Systems Group

Maintenance window for GitLab services Wednesday 2018-04-04 12:00 to 13:00

A maintenance window of our GitLab services has been planned for Wednesday 2018-04-04 from 12:00 to 13:00 in order to update the software.

GitLab services provided by gitlab.cels.anl.gov and xgitlab.cels.anl.gov will be unavailable during maintenance.

Service is expected to be restored by 13:00 on 2018-04-04, and may be available sooner than that.

If this window poses undue inconvenience please let us know, we can reschedule if needed.

– CELS Systems

Advertisements

Written by Craig Stacey

April 2, 2018 at 9:55 am

Posted in Uncategorized

Update: ftp.mcs.anl.gov online

http access has been re-enabled. CELS/MCS linux users, please visit /mcs/ftp.mcs.anl.gov from any green workstation or login node and look at files you may own. There are files from the 90s in there that may be perfectly valid, but it would be nice to make sure you’re aware of what you’re publishing to the world. Of special interest would be /mcs/ftp.mcs.anl.gov/pub/People. At some point soon we’ll be disabling any paths belonging to former employees. Thank you.

Craig

Written by Craig Stacey

March 29, 2018 at 4:18 pm

Posted in Uncategorized

Update: ftp.mcs.anl.gov offline

The FTP server is back online. Incoming anonymous FTP uploads have been disabled. If this is a feature you need to make use of, please let us know at help and we’ll help you find alternatives (such as scp or Box).

HTTP access to the ftp directory is still off for the time being while we make sure configurations are correct.

Craig

On Mar 28, 2018, at 4:50 PM, Stacey, Craig <stace> wrote:

We’ve had to take ftp.mcs.anl.gov offline due to a cyber incident. We’ll send more when it’s back online, no ETA at this time.

Craig

Written by Craig Stacey

March 29, 2018 at 10:32 am

Posted in Uncategorized

ftp.mcs.anl.gov offline

We’ve had to take ftp.mcs.anl.gov offline due to a cyber incident. We’ll send more when it’s back online, no ETA at this time.

Craig

Written by Craig Stacey

March 28, 2018 at 4:50 pm

Posted in Uncategorized

Protecting data on your laptop

Hey, folks!

First of all, Happy Spring! Okay, I know it doesn’t feel that way yet, but we’re getting there. Hang in there.

Anyway, now that we’ve done the required small talk as outlined in the human interaction manual that my handlers insist I read, I need to remind you all about the importance of securing data on your personal devices, especially laptops.

This can be summed up in three bullet points, each followed by some informative and pithy remarks. So, let’s get to it.

===

1) Don’t keep sensitive data on your laptop.

If at all possible, anything that’s sensitive should not be stored on your laptop. This includes business-sensitive items, "Official Use Only" documents, or anything that has other restrictions (PII, Export Controls, etc). You can keep most of this stuff in Box (except PII at the moment, more on that lower), however make sure your’e not syncing any Box folders with sensitive data to your laptop. There’s a helpful document at http://inside.anl.gov/questions/information/can-i-store-ouo-pii-ucni-export-controlled-or-nda-type-information-box that outlines what we can and can’t keep in Box.

PII should be kept in Lockbox for the time being. You have a lockbox directory, and you can reach it at lockbox.it.anl.gov/users/<your 8 digit badge number>. If your badge number is 50133, for example, on a windows machine you’d use \\lockbox.it.anl.gov\users\00050133. On a mac, you would use smb://lockbox.it.anl.gov/users/00050133, and so on in that fashion. Instructions can be found here: http://inside.anl.gov/category/computing/cyber-security/personally-identifiable-information.

The key is that if it’s avoidable, this data should not be on your laptop. That way when you lose the laptop or have it stolen (it happens to the best of us), there aren’t any unfortunate newspaper headlines, congressional inquiries, Spanish Inquisitions (which nobody expects), or horrible, horrible fines. Which brings me to the second bullet point…
===

2) Read your training material!

Did you know you are personally responsible for data protection? Did you know you can be held financially liable for exposing sensitive data? If the answer to either of those is "no", then you haven’t read your training materials. Let’s look at SEC101 (http://www.eshtraining.anl.gov/courses/SEC101/loaders/SEC101.pdf). Specifically:

"Argonne National Laboratory and/or the individual employee may be liable if significant violations of Export Control Regulations occur. Penalties may include seizure of laboratory equipment, fines and prison terms."

Holy Guacamole! (Which is the best Guacamole, IMHO. Not too spicy, just the right amount of salt. Mmmm.)

The crux of it is to not be cavalier with the data you’re handling. You really need to take the necessary steps and precautions to protect it. I know you’re very careful, but you’re not always in control of what happens to your equipment, and it can get stolen before you know it. Just some simple mitigating steps can help everyone (this includes you, you’re part of everyone). The first step is bullet point #1 – keep the data off your laptop. But, okay, I get it. Sometimes you need the data local. Well, then, read on.

===

3) Protect your data with encryption!

If you’re running and Mac or Windows laptop, it’s super easy to encrypt the entire disk (File Vault for Mac and Bitlocker for Windows) will do the job just fine. You could create a separate encrypted partition or disk image to store data. There are options. But the key is don’t just presume the fact that your laptop requires a password to login is enough to protect it — it’s not.

(Side note: if your laptop doesn’t require a password to login, we’re going to have words. Some of them will be impolite, but part of that’s on you.)

If you’re running a linux laptop, or want help with setting up encryption, we can help you come up with a solution.

===

There you have it. Three bullet points, some whimsical musings, and some good advice. Well, I think it’s good advice, anyway. End goal here is that if you lose a laptop, the worst case scenario is no data of consequence is exposed, and we’ve demonstrated that we take data security seriously. Because if we don’t demonstrate that, we lose the ability to be in control of our data security. The last thing *I* want to have happen is that all our researchers lose the ability to run and administer their own laptops, but that’s the course we head down if we have data exposure.

I encourage you all to look at the CELS Systems Laptop (and Desktop) support policy at https://wiki.cels.anl.gov/IT/index.php/Laptops. As a group, CELS Systems is dedicated to making sure you can do your research as unencumbered as possible while being in compliance with Argonne and DOE policies – your attention to these details help us maintain that balance.

We now return you to your regularly scheduled programming. How ’bout that weather, huh? Oh right, I already discussed that.


Craig

Written by Craig Stacey

March 27, 2018 at 5:14 pm

Posted in Uncategorized

COMPLETE: Maintenance window for GitLab services

The updates of our GitLab services at https://gitlab.cels.anl.gov and https://xgitlab.cels.anl.gov have been completed.

Written by Craig Stacey

March 7, 2018 at 12:20 pm

Posted in Uncategorized

Maintenance window for GitLab services, 2018-03-07 12:00 – 13:00 CST

A maintenance window of our GitLab services has been planned for Wednesday, 2018-03-07 from 12:00 to 13:00 CST, in order to update the software.

GitLab services provided by gitlab.cels.anl.gov and xgitlab.cels.anl.gov will be unavailable during maintenance.

Service is expected to be restored by 13:00 CST on Wednesday, and may be available sooner than that.

If this window poses undue inconvenience please let us know, we can reschedule if needed.

Written by Craig Stacey

March 6, 2018 at 1:57 pm

Posted in Uncategorized

CANCELED: Maintenance window for GitLab services, Today 12:00 – 13:00 CST

A workshop using GitLab’s services necessitates re-scheduling maintenance for another time. GitLab services will remain unaffected today.

Written by Craig Stacey

February 28, 2018 at 11:58 am

Posted in Uncategorized

Maintenance window for GitLab services, Today 12:00 – 13:00 CST

A maintenance window of our GitLab services has been planned for Today from 12:00 to 13:00 CST, in order to update the software.

GitLab services provided by gitlab.cels.anl.gov and xgitlab.cels.anl.gov will be unavailable during maintenance.

Service is expected to be restored by 13:00 CST today, and may be available sooner than that.

If this window poses undue inconvenience please let us know, we can reschedule if needed.

Written by Craig Stacey

February 28, 2018 at 10:17 am

Posted in Uncategorized

FYI: Thinkpad X1 Carbon 5th Gen Recall

Written by Craig Stacey

February 9, 2018 at 11:15 am

Posted in Uncategorized