||All computer systems, software, and network systems provided by the
DOE are to be used exclusively for DOE-sponsored work.|
||Users are accountable for their actions and may be held liable to
administrative or criminal sanctions for any unauthorized actions
found to be intentional, malicious, or grossly negligent.|
|Passwords and User IDs
||A user identifier (username) and password are required of all users.
Passwords must be greater than 8 characters long, not found in a dictionary,
and must have at least 2 alphabetic and at least one numeric or special
character, provided such passwords are allowed by the operating system or
application. Numeric characters must not be the first or last positions of
the password. Passwords must not be based on common names, family names,
or simple letter patterns. Passwords should be changed every 6 months or as
soon as possible after an unacceptable exposure or suspected compromise or
when directed by management.|
HINTS AND GUIDELINES FOR PASSWORD CHOICES:
- The password should not contain the user ID, birth day, birth
year, license plate number, employee number, Social Security number,
phone number, or any personal information that could be readily
learned or guessed.
- The password chosen for use at General Atomics should be different
than passwords used elsewhere.
- The password should not use any name or phrase that would easily
be associated with the user (e.g., spouse's name, children's name,
car's name, etc).
- Passwords should not be shared except in an emergency or operational
necessity. In such cases, the password needs to be changed as soon as
possible after the situation is cleared.
- Passwords should not be posted in an easily accessible area (e.g.,
under the keyboard, written on the white board, a post-it
note on the terminal, etc).
- An easy way to create a password is to use a pass phrase based on
an easily remembered sentence. For example, use the first letter of each word of
the sentence and include capitalization and punctuation.
- Do not store your passwords in a file or within an application unless
it is encrypted.
||Users are not to attempt to enter computer systems by any means
other than their own account. Users are not to use Email in a
fraudulent manner, either by faking another's identity or by
sending messages of inappropriate content. Users are prohibited
from intercepting messages or files by impersonating another user
or person. Users are not to attach any equipment to the network
without prior approval from the Fusion Computer Administrator.|
||All software used on all GA computers must be appropriately acquired
and used according to the appropriate licensing. Possession or use
of illegally copied software is prohibited. Likewise, users shall not
copy copyrighted software, except as permitted by the owner of the
||Fusion computer users are prohibited from processing or storing
sensitive unclassified or classified data on any Fusion computer.
If the need arises for this type of processing, the DOE Cyber
Security administrator must be contacted.|
||Users are advised to take appropriate measures to protect information
and applications. Computers and network systems are inherently
insecure. It is each user's responsibility to ensure that adequate
protective measures are used to transmit and secure data.|
||Email services are provided as a tool to enhance collaborative work. Email is to be used for work related Fusion business only. Although some small personal incidental usage is permitted, it should never be used for lobbying or political activities, or for non-work related solicitations, chain letters, jokes, or derogatory missives. To do so violates GA and DOE policies.|
- Users are prohibited from changing or circumventing access controls
to allow themselves or others to perform actions outside their
- Users are not allowed to reconstruct or recreate information or
software for which they are not authorized.
- Users are prohibited from taking unauthorized actions to
intentionally modify or delete information or programs.
- Users must not introduce or use malicious software such as
computer viruses, Trojan horses, or worms.
- Users may not deliberately interfere with other users
accessing system resources.
- Users are not to engage in unauthorized file sharing or
distribution, particularly with copyrighted material.
|Waste, Fraud, and Abuse
||The DOE Unclassified Computer Security Program requires that DOE
unclassified computers be protected from abuse and misuse. All
users are required to address, safeguard against, and report misuse,
abuse, and criminal activities. Fusion computer administrators are
required to review the contents of computer files at unannounced
intervals and by means of random sampling. Misuse of Fusion/DOE
resources can lead to temporary or permanent disabling of accounts,
administrative actions, and/or prosecution.|
||Minor incidental personal use of DOE equipment is allowed if:
- it does not involve illegal activities,
- it does not involve personal gain,
- it does not violate GA policies,
- it does not violate DOE policies,
- it does not embarrass GA, the Fusion Group, or the DOE,
- it does not consume excessive resources or interfere
with the work of the Fusion Group.
|Network Access Only
||On occasion, a computer user may require network access only to
the Fusion Group Local Area Network (LAN). This access takes
place in "DOE cyber space"; that is, a network that includes DOE
computer resources. Because of this cyber proximity, the policies
and procedures outlined above apply to this type of access|
||Wireless access is provided as a convenience to registered users.
Such access is usually available in conference rooms during meetings.
It may be available in the DIII-D Control Room or other group areas.
The wireless network connects to the Fusion LAN and is, therefore,
governed by the above Policies and Procedures.|
|Mobile Computing Devices
||All network-enabled devices must be cleared by the Fusion Computer Administrator before accessing the Fusion network. Visitors are welcome to bring their institution devices but personal devices are not permitted on the Fusion network. In addition, all computers must have current security patches installed and be running anti-virus software with current signatures files. All GA-provided computers (mobile as well as stationary) should have security patches and anti-virus signatures updated automatically. The Fusion Computer Administrator, with the approval of the DIII-D Computer Systems manager, must clear exceptions to this.|
||The U.S. Department of Energy Office of Science (SC), which is the primary sponsor of the DIII-D National Fusion Facility, requires that a limited set of information relating to your user project/experiment be transmitted to SC at the conclusion of the current fiscal year. A subset of this information, including your name, institutional affiliation(s), and project title(s), will be publically disseminated as part of an SC user facility user projects/experiments database on the SC website, http://science.energy.gov, after the conclusion of the fiscal year. For proprietary projects, SC requests that the user provide a project title that is suitable for public dissemination.|