IT Security
Overview
All ICHEC users have a responsibility to ensure that they keep their credentials secure (passwords, keys, Multi-Factor Authentication tokens) to prevent unauthorised access. Our aim is to provide support and guidance to keep users proactive rather than reactive where IT security is concerned.
Table of Contents
- Overview
- General Advice
-
Frequently Asked Questions
- 1. How do I report a security vulnerability?
- 2. What should I do if I receive a fraudulent email portraying to be from ICHEC?
- 3. What if I responded to a phishing email and gave my ICHEC Username and Password?
- 4. How does ICHEC respond to compromised accounts?
- 5. My email account was compromised, should I change my ICHEC password?
- 6. What is ICHEC doing in response to recent attacks on HPC systems across Europe?
Back to top
General Advice
- Remember: The most frequent cause of IT security incidents are phishing emails. Phishing is an attempt to fraudulently acquire sensitive information, such as username, password and banking details, by masquerading as a trustworthy organisation or individual in an email message.
- If you think your workstation has been compromised, it may be possible that the credentials you use to access to ICHEC systems may have been stolen. This can have a knock-on affect on the security of our systems, and therefore we urge you to change your password and replace your SSH keypair with a new one. You should always contact the ICHEC Helpdesk (support@ichec.ie) and we can work with you to secure your account.
- Store your passwords in a password manager. The longer your password is, the better. Don't write down your passwords or send them using an unencrypted method.
- The password for your ICHEC account should be unique and kept private. Similarly, you should use a unique SSH keypair to access ICHEC systems, and the private key should be encrypted with a strong passphrase.
- Ensure you have taken all possible steps to secure your devices and data, regardless of whether you are connecting to ICHEC resources from your institution-owned machine or a privately-owned machine.
- Install antivirus and enable a firewall on all your workstations that connect to ICHEC systems.
- ICHEC will never ask for your password or your SSH private key.
- Always keep regular backups of all data your store on the Kay National HPC System.
Back to top
Frequently Asked Questions
1. How do I report a security vulnerability?
Please refer to our Responsible Disclosure page.
2. What should I do if I receive a fraudulent email portraying to be from ICHEC?
- Do not click any links
- Do not open any attachments
- Do not enter any personal details on the fraudulent email or website
- Report the ’phishing’ email to the ICHEC Helpdesk (support@ichec.ie)
- Delete the email.
3. What if I responded to a phishing email and gave my ICHEC Username and Password?
- You should change your ICHEC password immediately. If you used the same password elsewhere, you should change it on those systems also.
- Report the issue to the ICHEC Helpdesk (support@ichec.ie) and we can engage further with you.
4. How does ICHEC respond to compromised accounts?
If ICHEC discover unusual activity on your account, ICHEC will (in line with our ICT Security Policy):
- Put a temporary block on the account to prevent any further damage.
- Cancel any submitted jobs (if the compromised account had access to the Kay National HPC System).
- Notify you that your account has been blocked and the next steps to take, including resetting your password and re-generating a new SSH keypair.
- Investigate the compromised account in detail and notify any other organisations if required (e.g. PRACE partners).
- Once resolved, restore account access.
5. My email account was compromised, should I change my ICHEC password?
After you have secured your email account, it is good practice to change all your passwords. You can change your ICHEC password here.
6. What is ICHEC doing in response to recent attacks on HPC systems across Europe?
ICHEC have been implementing a number of changes, including infrastructure/technical changes and from June 2020, requiring all users logging into Kay to authenticate using an ICHEC username, ICHEC password and an SSH key. This year, we will also be implementing additional Multi-Factor Authentication (MFA) methods and making other account changes.
Back to top