News

Defence Against Ransomware
by Colin Yeung (OCIO)
Security

ransomware
​ What is ransomware? [1][2] Ransomware is a form of malicious software (malware) designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. By encrypting these files and demanding a ransom payment for the decryption key, cybercriminals place individuals ...

New Endpoint Protection Agent for Better Security
by Deep Batra
Personal Computing, Security

sophos logo 3
Anti-virus software is vital to help keep both University computers and your own personal computer secure. With this in mind, the Computing Services Centre (CSC) has performed rigorous due-diligence work to ensure the right product is chosen to address the upcoming challenges users face in the ...

Setting up Public Meetings and Webinars Correctly to Avoid Intruders
by Joe Chow
Communication and Collaboration, Security

zoom
Many departments organize public meetings and webinars (online seminar) using Zoom but they are not aware of any security measures for preventing intruders from disturbing their events. Like face-to-face seminars, it is possible to have guests (mostly uninvited guests) who may interrupt the meetings ...

Phishing Scams: Best Practices for General User
by JUCC ISTF
Security

phishing
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ Phishing refers to the malicious attack method by attackers who imitate legitimate companies in sending emails in order to entice people to share their passwords, credit card or ...

Password Management: Best Practices for General User
by JUCC ISTF
Personal Computing, Security

Top 10 Password Manager in 2011
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ Authentication is the process of identifying the authenticity of a user. It can be accomplished by means of a combination of login ID (identification) and password (authentication ...

Admin Firewall Deployment
by Cyril Ha
Network and Infrastructure, Security

High Level Network Diagram with Admin Firewall added
Background​ Information System Security has been a key concern over the past many years as more and more business processes rely on Information Technology to operate. Alike many other organizations, the usual first line of defense would be Internet protection with security devices such as a ...

Man-in-the-Middle Attack: Security and Privacy Concerns
by JUCC ISTF
Security

Eavesdropping and manipulation
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ More and more transactions are performed online. Thus, a secured connection has to be ensured between the server and the client. However, connection mainly requires just a server ...

Multifactor Authentication: An Overview
by Yuki Tam (OCIO)
Security

Multifactor Authentication
Over the past few decades, systems and their data were protected by usernames (IDs) and passwords. However, this is not considered as safe anymore. An attacker can impersonate a user easily when a password or the password database is stolen. Even if the passwords are safely kept, an attacker can ...

Synchronizing Windows 10 with Anti-virus Software
by Tony Chan
Personal Computing, Security

​ Since the first release of Windows 10 in July 2015, Microsoft has been providing feature updates for the operating system twice a year. Each version of Windows 10 was serviced with quality updates up to 18 months after its release. Users are strongly advised to upgrade their devices to the latest ...

Database Security: Security and Privacy Concerns
by JUCC ISTF
Security

/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ In universities, some data have to be shared with students, staff, guests whereas others have to remain protected. At the same time, the number of data leak and unauthorized ...