NEES has developed a comprehensive cybersecurity approach that includes best practice cybersecurity policies and mechanisms at NEEScomm IT and an annual security audit at each of the NEES sites. In its cybersecurity approach, NEES makes a judicious balance between the security needs and functionality available to the end users.
The NEES Cyberinfrastructure (CI) system is composed of fourteen equipment sites and one central IT facility at Purdue University, henceforth referred to as NEEScomm IT. With IT resources (hardware and software) spread across the system and connected together with internet protocols over the public internet, computer security is of prime concern. The CI serves a wide variety of users --- earthquake engineering researchers to the general interested public, from the academic and the practitioner communities. As a leading Cyberinfrastructure project, NEES has developed a comprehensive cybersecurity approach that includes best practice cybersecurity policies and mechanisms at NEEScomm IT and an annual security audit at each of the NEES sites. In its cybersecurity approach, NEES makes a judicious balance between the security needs and functionality available to the end users.
How to Report an Incident
Use the ticketing system at nees.org
- Access to non-public IT resources will be achieved by unique User Credentials and will require to be authenticated prior to access.
- NEEScomm will assign a username and password for Identification and Authentication purposes to each individual that has a business, research, or educational need to access NEEScomm IT resources.
- In all cases, only the minimum privileges necessary to complete required tasks are assigned to that individual. Privileges assigned to each individual will be reviewed on a periodic basis and modified or revoked upon a change in status within the NEES community.
- The password will be used as the primary user credential, to be used along with the username. A password may be used only by the authorized user.
- Passwords or accounts should never be shared with anyone, including trusted friends or family members. Account owners will be held responsible for any actions performed using their accounts.
- All NEEScomm IT resource passwords must be changed at least every one hundred twenty (120) days.
Guidelines for Protecting Windows Systems
- Log onto Microsoft Windows update website and check whether all security patches have been applied. NEEScomm IT recommends having Windows 7.
- Setup automatic updates for Windows (Windows 7 has this feature enabled by default).
- To protect against malware (virus, worm, bots, etc.), install Microsoft Security Essentials (MSE) software (or any other malware detection software of your preference). MSE is available (free of charge) here.
- Install and configure a firewall application (Windows 7 comes with built-in firewall); do NOT turn off the firewall unless you fully understand the security implications; never permanently turn off the firewall application.
- Check all opening ports on your Windows system. If unsure about this process, please contact NEEScomm IT to schedule an automated penetration test.
- Due to the excessive security issues with Internet Explorer, please limit its usage to only trusted websites; NEEScomm IT recommends Mozilla Firefox be downloaded, installed and set up as the default browser for your system.
For any questions or clarifications, please contact
|Saurabh Bagchi, Ph.D.
NEEScomm Cybersecurity Officer
|Fahad A. Arshad
NEEScomm Cybersecurity Software Engineer