News

Security Risk Assessment
by JUCC ISTF
Security

/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ ​ “Successful businesses understand the value of timely, accurate information, good communications and secrecy. Information security is as much about exploiting the opportunities ...

Migration of On-premises Email Anti-spam Tool to O365
by by Henry Wong
Communication and Collaboration, Security

O365 Exchange Online Protection
With all staff mailboxes migrated to Office 365 (O365), the migration of on-premises email supporting tools is underway. One significant upgrade is the migration of on-premises email anti-spam tool to the O365 Exchange Online Protection (EOP) cloud-hosted email filtering service. The migration has ...

Security Management and Operations
by JUCC ISTF
Security

/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ ​ Relationship with ISMS Information Security Management System (ISMS) is defined in the ISO/IEC 27000 set of standards. The ISO/IEC 27001 standard sets out a certifiable and ...

Migrating to Cloud
by JUCC ISTF
Security

/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ ​ The NIST Definition of Cloud Computing 1 The cloud model is composed of 5 essential characteristics (Ondemand self-services; Broad network access; Resource pooling; Rapid ...

Using Office 365 SharePoint Online with Rights Management Services to Replace Departmental Share Drives
by ML Lee
Communication and Collaboration, Security

In today’s office environment, we often share information like reports, presentations and minutes among colleagues. We have been taught how to connect to the departmental share drive through a network drive letter to store and access files in a traditional file folder structure. This works quite ...

Advanced Persistent Threat (APT)
by JUCC ISTF
Security

/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ The term APT was first used by U.S. Air Force back in 2006 to facilitate discussion about a set intrusion activities with specific characteristics. These days, APT is often used ...

Verify a Website before Providing your Username/Password
by Wilson Wong
Web Development and Hosting, Security

Verify a Website before Providing your Username/Password
Phishing email spreads over the Internet from time to time. You may have received suspicious email telling you that your computer account has problems/will expire/has exceeded quota/etc. and requires you to verify your identity by clicking on a URL (Uniform Resource Locator) to a web page, and then ...

Mobile Security – Bring Your Own Device
by JUCC ISTF
Security

/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ There is a massive upsurge of mobile devices in the consumer market. Corporations are also demanding their employees to have instant connectivity to their working environment ...

IV. Hardening Steps for Data Centre Management
by JUCC ISTF
Security

Data Centre Management
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ To ensure that data centres meet the reliability and performance needs of universities, and achieve the comprehensive protection from various security threats, a number of aspects ...

III. Exploitations on Data Centre Management
by JUCC ISTF
Security

Data Centre Management
/* The following article is extracted from the "Information Security Newsletter" published by the JUCC IS Task Force. */ Vulnerabilities of data centres are found in their physical security, systems / devices hosted and management procedures implemented. Several common exploitation techniques are ...