“Be Safe”: our cybersecurity program

Oct 9, 2024 | News | 0 comments

Tags: ALMA

On our desktops, mobile devices, at work or at home. There are multiple risks of becoming a victim of a scam or intrusion on the Internet. We learned about it first-hand when we suffered the cyber-attack on the observatory in October 2022.

To be more prepared, the IT team created the Be Safe plan, our cybersecurity program that seeks to ensure the safety of ALMA’s data and systems.

“The first line of defense is people. No tool or software is 100% secure, so everyone’s active collaboration is essential,” says Cristóbal Achermann, our ITG Manager and technical sponsor of the program.
Several initiatives have emerged from the Be Safe plan this year, starting with cybersecurity training, which was mandatory for all JAO staff from April 15 to May 17, in addition to a series of talks throughout the year.

The cybersecurity team tested us and sent out “phishing” emails to all staff to measure the reporting rate and corroborate how much we had grown in this area.Reinforcement courses were given to those who required it.

“It has been very good because it helps you to always be aware and verify from whom and where an email or text message comes from. This way we take care of the most sensitive information,” says Valentín Medina, our Technician I, who was part of these trainings.

“Just as you update your antivirus on your laptop, we must update our knowledge of the techniques that are used to capture our information and breach our data,” says Valentín.

This practice is shared by Camila Martínez, our engineer from the Computer Science Department’s Software team. “I now use a password manager that helps me manage the different passwords I use on a daily basis. I am also vigilant and every time I get a strange email I report it to the cybersecurity team, so they can take the appropriate action.”
But the Be Safe plan went even further: “We are rewarding collaboration and attitude towards cybersecurity,” says Ricardo Carrasco, our Cybersecurity Engineer and one of the main promoters of the program.

(Below photos of the first award ceremony)

One of the award winners was José Lobos, our Systems Administrator who, from the ADC-ITG group, has led cybersecurity initiatives such as the implementation of second authentication factors in certain applications and the incorporation of some credential management systems. “These are contributions that our team looks for, studies and integrates and that give us better security standards,” says José.
Another recognized was Loreto Bradford, our Budget Controller in the Administration and Finance Department, for naming the most relevant behaviors to ensure the integrity of our systems at the end of a training session. “I was delighted to be awarded! I think it’s a fun initiative, and I think it’s always good to remember, reiterate and reinforce the actions that protect us. If we add how entertaining it is to be rewarded, then even better!”.

Loreto adds that habits are key in cybersecurity. “It is better to be cautious in excess, pay more attention and follow security guidelines: in trust lies the danger. We should report anything that seems strange or suspicious. When in doubt, the best thing to do is to ask and report,” she says.

There are still talks pending for the rest of the year. As for training courses, from now on they will only be held once a year and for those who come to work at the observatory for the first time.
IF YOU ENJOYED THIS NEWSLETTER, GIVE IT A “LIKE” AND COMMENT!

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Related Post