In an effort to provide dynamic content relating to Cyber Security or IT News during the login process, we are working on a change to the Berkeley Lab Identity "LDAP" login page.. We are planning on implementing this change on the evening of Thursday, September 17.
A more streamlined page as shown in the screenshot will, on occasion, be enhanced with a news or cyber security alert that will appear at the bottom of the page.
For a look at the options we are working on, go here. (requires logging in to the Commons wiki) - then click the future login tab.
We would also like to remind you that we have a self service password recovery option (see the "Lost or forgot password" link - but you must have identified secondary contact information at least two weeks before you need to use it. Go to https://password.lbl.gov/ to update your notification information.
A power shutdown is scheduled for this Saturday, July 11th to enable necessary maintenance on the Lab’s power distribution system. The power shutdown involves several buildings, including the 50 complex, which houses the Lab’s central IT systems.
Most IT systems will be offline from Friday, 7/10 at 5:00pm through midday on Sunday, 7/12. We expect most systems to be available by Sunday night but some systems will not return until Monday midday.
If you are in a building impacted by the outage (see below), there will be no network connectivity inside your building or access to the internet during the power outage. In addition, you are strongly encouraged to shut down all computing equipment before the outage. Computers and equipment are easily damaged by power outages.
Services that should be available
We expect the following systems to be AVAILABLE throughout the outage:
http://www.lbl.gov, today.lbl.gov, newscenter.lbl.gov, and status.lbl.gov
Google mail/calendar/docs/sites
http://login.lbl.gov (single sign-on gateway to Google mail/calendar/docs/sites)
LDAP directory Services and Authentication
Laboratory Network Connectivity, Telephony, and Cyber Security (except in buildings impacted by the power outage)
One Time Password authentication services including the shell.lbl.gov OTP Gateway.
However, in any power outage, there is the possibility that backup power systems will not function as expected. With the exception of www, today, newscenter, and status, it is possible that the services above may also be unavailable if backup power does not come on.
Services Not Available
The following systems will be OFFLINE from Friday night until Sunday night (sub-bullets are examples of services, not all inclusive lists):
All Business Applications (Return to Service by Sunday at 5pm)
EHS Systems, Facilities Systems including Maximo, Financial Systems (FMS, AMS, ebuy, etc), HR Systems (HRIS, LETS, etc), Reporting Tools (Cognos), Protective Services Applications (visitorpass), etc.
All High Performance Computing Systems provided by IT (Return to Service by Monday at 5pm)
All HPC Clusters
Lawrencium
All HPC managed storage and web servers
All Collaboration Services except for Google Apps (Return to Service by Sunday at 5pm)
Windows File Storage provided by IT (synonyms: CIFS, Grouper, G Drive, etc)
Commons.lbl.gov Wiki
Legacy Systems: eRoom and Webspace
All Hosting Services provided locally by IT (Return to Service by Sunday at 5pm)
Systems hosted on Websnap/Plesk Infrastructure
Customer Virtual Machine Hosting
Most everything else: (Return to Service by Sunday at 5pm)
UCB Library Proxy Service
Windows Printing Services
Some Windows Authentication Services
Sophos AV updates
List of Buildings Impacted by Power Outage:
33B, 50, 50A, 50B, 50C, 50E, 50F, 54, 55, 55A, 56, 56A, 56W, 60, 63, 64, 65, 65A, 65B, 70, 70A, 71 complex, 71A, 71B, 71C, 71 Trailers, 88, 88D, 90 complex, 90 Trailers, and Blackberry Trailers
These buildings have different power outage windows on Saturday. However, given the various dependencies and pre-outage shutdowns, customers in these buildings should assume no network connectivity from early Saturday to early Sunday, even though it is expected the outage will be shorter.
Commons.lbl.gov is currently experiencing intermittent availability issues. IT is working to resolve these.
On June 4, the Office of Personnel Management in the Federal Government announced a major breach of data on 4 million individuals.
Since Berkeley Lab employees are not Federal employees, most LBL employees and affiliates are not included in the scope of the breach. However, OPM also processes security clearances for the Federal Government, which a very small number of Berkeley Lab employees have or have had in the past. In addition, LBL has employees who previously worked as Federal employees. While no specifics have been announced,both individuals with clearances and former federal employees should monitor the news as well as look for emails from OPM's contractor [email protected] to learn if they were potentially impacted
Does this impact me?
As employees of the University of California, your information is not shared with the Office of Personnel Management. However, if you are one of the small number of LBL employees with a security clearance, or if you are a former Federal government employee or clearance holder, you may be impacted.
Could this happen here?
Security breaches by sophisticated adversaries can be hard to defend against, but LBL takes numerous steps to protect your personally identifiable information through both business process engineering and technical controls to reduce (but not eliminate) the chance of such a breach. LBL cyber security will take all information available about this breach into account as it refines its protections for the Laboratory.
You can help protect PII by following LBL policy which includes the requirement that no PII reside outside institutional business systems, and that you report non-compliant business processes to [email protected] when you encounter them. Review SEC220 to learn more about how you can help prevent breaches of personally identifiable information.
Where can I get more information?
OPM Website: http://www.opm.gov/news/latest-news/announcements/
DOE Powerpedia: https://powerpedia.energy.gov/wiki/OPM_Cyber_Incident (note: powerpedia is only available from the wired LBL network)
