June 5, 2006
It is a good time to review an issue that tends to hide in plain sight: Lab security. In addition, the Lab will be going through a formal survey of the Lab's security and protection programs June 6-7. While we deal with security on a regular and routine basis, we need to on occasion remind ourselves of the fundamentals of our Lab security program and spot-check ourselves to make sure we are all working to maintain a safe and secure work environment.
It is Jefferson Lab policy to pursue our scientific mission safely and in a secure manner. Security is managed in the same integrated way as safety, and your personal knowledge and commitment is essential. At its most fundamental level, this means we should know who is in our respective work areas. Each of us carries the responsibility to:
- Protect our JLab ID badge and not let anybody else use it.
- Not allow people you don't know into JLab facilities.
- Ask to see the JLab ID badge of people we don't know. (Everybody who receives a JLab badge must carry it with them while at JLab.)
- Call Security if people do not have proper JLab identification and are not escorted. (Gate Guard, ext. 5822)
While Jefferson Lab sponsors no security clearances and no classified work is conducted at the Lab and we actively promote and publish the Lab's science, it is still wise not to volunteer or provide information about our work at the Lab to individuals who have an unknown or questionable purpose in seeking information from you, especially these days if the information could be used as part of identity theft schemes. All tours should be coordinated through JLab Public Affairs, ext. 7689. The several individuals with security clearances at Jefferson Lab are personally responsible for carrying out the policies and procedures of their non-JLab cognizant security office.
Since many of our colleagues are from throughout the world and are essential to the Lab's science and education enterprise, we must ensure our visit processes are both functional and consistent with DOE policies. Identity and immigration status and authority to work may need to be verified at JLab Registration and International Services. Non-U.S. citizens whose country of origin (by birth or citizenship) is Cuba, Iran, Libya, North Korean, Sudan, or Syria must have DOE Headquarters' approval before entry is allowed into any JLab facility.
The realm of Cyber Security has grown rapidly in the last decade, and our computer professionals work diligently to keep our systems working. But primary cyber security begins with each one of us. Be responsible in creating, using, and protecting your computer password. Do not give your password to others, or let others see it or use it. Carelessness with passwords can make our systems here vulnerable to hacker attack or other disruption. Be especially careful with email based phishing attacks and other forms of attempted identity theft.
Another vital security area is Export Controls. These controls are designed to protect items and information important to the United States. As a national laboratory with important international collaborations, it is imperative that JLab be a responsible exporter. Your primary responsibility is to understand export-control requirements related to your work and ensure no exports are made contrary to federal law. Noncompliance could result in administrative or criminal penalties for the Lab and/or you. Coordinate all shipments through the Property Office, ext. 7348.
Jefferson Lab property and equipment are to be used only for official JLab business. It is unlawful to use, appropriate or remove any Jefferson Lab property for personal use. Report unauthorized use of JLab property to the JLab Security Officer, ext. 7548.
This message will hopefully help to serve as a reminder of the duty each of us has in maintaining a secure environment and encourage each of us to take a few moments to assure that we are knowledgeable concerning those responsibilities. And please, if you are uncertain of how to handle any security-related matter, call on the JLab Security Officer (ext. 7548), Security Manager (ext.7169), Property Officer (ext. 5430), JLab Registration/International Services (ext. 7687), or Computer Center (ext. 7155). Any after-hours concerns should be reported directly to the Gate Guard, ext. 5822.
For more information, visit www.jlab.org/intralab/security/.
Work safe and secure!
CIO and Acting Associate Director for Administration