October 1992 Proper Use of Fermilab Computing Facilities General The computing facilities at Fermilab are funded by the Federal Government to support research projects undertaken by the Laboratory. The Government has strict regulations regarding the use of these facilities documented in DOE Order 1360.2. ``Computer Security For Unclassified Computer Systems''. All files containing data or programs which are sensitive or critical to the success of the high energy physics program must be protected against loss or improper manipulation. Examples of use which the Government may consider improper include, but are not limited to, using computer systems for: personal correspondence, outside organization membership lists, poetry, sports ladders/pools, games, programs utilized for personal gain, etc. Certain types of data, including personnel data (Privacy Act of 1974), proprietary data, financial, procurement and inventory data require special treatment under the DOE order. Before assembling or accessing such data, consult with the Computer Protection Program Manager, Irwin Gaines, ext 4022. The Government has established that computer misuse and unauthorized access of government computers is a crime punishable by law. To assist in preventing misuse, Fermilab is required by the Department of Energy (DOE Order 1360.2) to make periodic inspections of user files including electronic mail and take appropriate action when misuse is discovered. User's Responsibilities Fermilab employees, visitors, and guest users may use the computer systems in support of the high energy physics program. Users are asked to refrain from actions that may interfere with use of the computer by others. You should not share your computer accounts. Users are responsible for any use that others make of their account. The Fermilab computer systems have some proprietary programs that may be used but not copied. Application for and assignment of a Fermilab computer account carries with it acceptance of the general and user responsibilities above. Passwords Many of the hacker penetrations to Fermilab computers could have been avoided if the users used good common sense in creating and protecting their passwords. The following are some of the important points regarding passwords: - Not easily guessable. Not the same as the username. Not personal information, even backwards. Not dictionary words. - Should be at least 6 alphanumeric characters. Passphrases are fine, especially if deliberately misspelled, but remember most UNIX systems only use the first 8 characters. - Do not put yours or others passwords in files. - Change your password frequently (at least twice annually) -- and don't change it back to a previously-used password. - You should not give your password to someone else, but if you do, change it immediately when their usage is completed. Licensed Software Licensed software, sometimes referred to as proprietary software, is obtained by the laboratory for your use. Most of this software carries with it explicit (sometimes implicit) restrictions as to who, what, where, when, and how the software may be used. In general, if the software is on the system in libraries supported by the Division and you use it in the advertised way, its usage on that local system is unrestricted. It should be assumed that you may not make or take a copy away with you unless you have permission to do so. Most software now has legal protection under patent or copyright law. Signature Your signature here carries with it acceptance of this proper use statement.