2017 Mar | Volume 171

Close Security Loopholes from a Whole to Individual

Every day we keep files on cloud; we locate ourselves with online map; we do research via e-Library.

We all enjoy how technology facilitates our lives; but let's not forget the potential risks behind. According to the 2016 figures from HKCERT, there were over 70, 000 unique security events^ such as phishing and malware in Hong Kong.

To protect ourselves from suffering, we should together take precautions to close security loopholes.

From A Whole

  1. University machine protection

    It was previously found that many University computers are unprotected which could be an easy target of hackers. Therefore, we

    Date

    Actions

    April 2015

    Started enforcing University Firewall Policy which required all the computers in the University to be protected by network firewalls so that hostile traffic originated from outside of CUHK can be blocked, and required routine vulnerability scanning to find and fix loopholes among campus servers.

    December 2015

    Completed all firewall installations with departments.

    March 2016

    Prepared Vulnerability Management Procedures for departments to manage vulnerabilities of devices.

    July 2016

    Started the routine vulnerability scanning of campus servers with the Vulnerability Assessment System (VAS).

  2. Security recommendations on selecting public cloud service

    Public cloud service is an increasingly cost-effective option for the University to deliver new services. Nevertheless, IT security remains one of the key concerns where guidance from the University is needed.  So, we

    Date

    Actions


    Aug 2016

    Prepared Minimum Security Standards in procuring Public Cloud Service and Security Checklist in selecting Public Cloud Service Provider for departments/users reference.

  3. University digital information protection

    While the University is adopting e-filing and digital document, data loss or leakage becomes a concern. Here we

    Date

    Actions

    January 2017

    Proposed Data Classification and Data Governance Policy, illustrating a framework for protecting University's digital information.

    Now

    Studying information protection method to enforce data protection which will be launched to all staff in Q3 2017 tentatively

 

To Individual
We have tips and resources to enhance your security. What we need is your one little more step to -

^ HKCERT (2 March 2017) Hong Kong Security Watch Report (Q4 2016), Available at: https://www.hkcert.org/my_url/en/blog/17012702 (Accessed: 7 March 2017).



back to issue
More Articles

Close Security Loopholes from a Whole to Individual


Replace Your CU Link Card by February 2018


Conduct Your Online Survey with MyCUForm


Ensure Fullest WiFi Coverage with University WiFi Policy


500 WiFi Day-passes for Your Department Guest!


Let's Have Greener User Areas!


CUHK Client Certificate Service Terminated by 2017


Copyright(c) 2024. All Rights Reserved. The Chinese University of Hong Kong.