skip to main content
Caltech
Department of Astronomy
Astronomy  /  Internal Info  /  IT Resources  /  Cybersecurity

Cybersecurity

Policies

  • IMSS has a good collection of security tips at: Security Best Practices web page.
  • Like many other universities, Caltech has been targeted recently by scammers who send email to Caltech users demanding that the recipient respond with username/password information, with a threat of account deletion if the recipient does not comply. We will never ask you for your password, and we strongly recommend against ever sending passwords in unencrypted email messages.
  • If you are having problems connecting Caltech wireless/Internet, make sure that it's not blocked by IMSS.
  • You must not log in using another individual's login name, or allow any other person to access facilities using your login name. You should therefore not leave unattended logins on publicly accessible systems.
  • You must set a secure login password and keep it secret (see Setting a new logon password). The choice of a secure password is essential both to the security of your own account and potentially to those of others as many means of "hacking" systems require the hacker to have an account on the system to which they can login.
  • Accounts on the systems are issued primarily for academic work. A small amount of recreational use is permitted but this must not interfere with academic use of the system or annoy or upset other users, e.g. by causing noise or displaying pornographic images.
  • Information belonging to other users is confidential. You must not read, access or modify any file not owned by you without the explicit permission of the owner.
    Please check Caltech policy on confidentiality of private information
  • Please check Caltech's copyright and Software Policy

CrowdStrike

  • CrowdStrike is a software package for monitoring and detecting security breaches. You can think of it as an antivirus program on steroids.​
  • A small program runs in the background on your computer, watching for any downloads of malware, running of suspicious commands, suspect network connections, etc.​
  • Any detections result in an immediate notification and – optionally – blocking of the network on the machine with the suspicious activity. The idea is to stop the malware before, say, it can encrypt everything as Ransomware.​
  • Caltech has a site license for CrowdStrike. We are installing it on all servers and at the observatories. We recommend this software be run on all systems. All recent operating systems are supported. For labs or special applications, we can customize its behavior and add additional people to the alerts.

For installation on individual systems please create a request ticket with IMSS: Crowdstrike Falcon

Please contact [email protected] for assistance if necessary.