CONTENTS
General
IT for Teaching, Learning and Research
Staff Workplace
IT Infrastructure
Cybersecurity at HKUST
Beware of Ransomware
Cybersecurity Audit
Enhancing Data Security and Back Up
Cybersecurity Training
Email Phishing and Telephone Scam
HKUST Web Application Security
ITSC Server Security Initiatives
Fall 2016
PREVIOUS
ITSC Server Security Initiatives
Y F Lai
Head of Infrastructure Systems

Nowadays, hackers are constantly looking out for glitches and loopholes in servers for unauthorized access. To protect our university IT systems from malicious intrusion activities, ITSC is now developing a set of security initiatives that will apply to all servers in the data center.

  • Patch management – provides near real-time visibility and enforcement to deploy and manage security patches.
  • Security compliance - enforces continuous compliance to a set of technical security standards and practices.
  • Secure administration access – requires multi-factor authentication for system administrators to permit administrative access of servers.
  • Privilege account management - provides secure access to privileged accounts, manages password complexity, and enables accountability through the issuance of passwords on a temporary, one-time use basis and secure auditing.

We are looking for a full implementation of above initiatives to all servers managed by ITSC by the end of 2016 and we believe that the risk level of server intrusion are keeping to minimal under these new security measures.

Besides, the management of a site / department / office / unit is responsible for leading the unit to maintain a healthy level of cyber security by meeting Minimum Security Standard and adopting suggested good practices, etc. Details can be found at :

http://itsc.ust.hk/it-policies-guidelines/minimum-security-standard/#server