Universities are particularly vulnerable to information security incidents because of their openness in information access policies and richness in information assets - staff and student data, payment information, employment records, patient health records, and all kinds of sensitive and classified research information.  Loss or theft of unencrypted laptops and USB flash drives, for example, is one of the common data breaches.

You are exposing yourself to a big risk if you are simply bringing your office laptop or USB flash drive that contains unencrypted sensitive data to an external meeting.  If, unfortunately, your laptop or USB drive is lost or stolen, the data might just fall into wrong hands.

Data Encryption with Endpoint Security Solutions

The predominant solution in the industry, which is also recommended by the Privacy Commissioner for Personal Data (PCPD), is to employ data encryption.  The University has recently endorsed the deployment of an Endpoint Security Solution which provides encryption to all university-owned desktops and laptops used by both teaching and non-teaching staff.  And since computers set up for casual use in classrooms, general labs, and libraries will not handle personal data, implementation of the solution is not necessary.

The Start of Deployment

In phase 1 of the deployment, ITSC will facilitate the launching on (1) Desktops: USB drive encryption only; (2) Laptops: both full-disk and USB drive encryption.User instructions and briefing sessions will be offered in mid-July. Stay tuned and refer to our announcement at http://epss.itsc.cuhk.edu.hk  on 8 July, 2014.

For enquiries, please contact us at ITSC Service Desk https://servicedesk.itsc.cuhk.edu.hk.