February 2010

 

New Security Policy on Connection to the Campus E-mail System and GroupWise - Actions to be Taken
6 Important Rules for SCC Users






Windows 7 Security Features
 

 

Some users may have started trying out Windows 7 which comes with a number of new and improved security features. Here’s a rundown of the key changes you should know:

Action Centre

In Vista, security configurations are accessed from the Security Centre in the Control Panel. In Windows, the Security Centre has been replaced with the new Action Centre. The Action Centre has security configurations as well as options for other administrative tasks such as Backup, Windows Updates, etc.

Enhanced UAC

When talking about UAC (User Account Control) which was first introduced in Vista, you may associate it with the access-consent prompts it issues, asking for permission when you need to do something that requires admin privileges. In Windows 7, UAC is still there but Microsoft has reduced the number of applications and operating system tasks that trigger the prompt. You can adjust the settings of the UAC under ‘User Accounts’ in the Control Panel. However, for security protection, DO NOT turn the UAC off completely as that would expose yourself to threats.

Bitlocker To Go

The Bitlocker in Vista can encrypt drives that are part of the computer but not removable drives. Windows 7 addresses the issue with the enhanced BitLocker To Go. Bitlocker To Go enables data encryption on USB memory drive. However, users are still NOT recommended to store sensitive or confidential data on mobile storage devices.

AppLocker

The new AppLocker feature in Windows 7 enables administrators to block potentially harmful software and to prevent users from running unauthorized software that could lead to malware infections.

Multiple Active Firewall Policies

The multiple active firewall policies in Windows 7 enable computers to connect to multiple networks at a time by applying different firewall rule sets for different networks.



Integrated Fingerprint Scanner Support

One of the most secure methods of authentication is biometrics. Many computers, laptops in particular, come equipped with built-in biometric security in the form of a fingerprint scanner. In Vista, a third-party program is required to use the fingerprint scanner. In Windows 7, it’s part of the OS.

 

Security Practices on Using Windows 7

With all the new and improved security features in Windows 7, there are some good practices that you should always follow when using the OS:

 

Give yourself a good and hard to guess password - Many Windows users configure the OS to log them in without a username and password. That's equivalent to leaving the door of your house wide open. A simple way to create a good password is to use a meaningful phrase and replace 'o' with '0', 'l' with '1' and use a mixture of both upper and lower case letters.

Lock up your computer while away – Enable the ‘screen saver’ by setting the ‘wait’ time to 5 or 10 minutes, so that the logon screen will be displayed on resume. A quick and easy way to lock up your computer is to press <Windows> + L.

Install anti-virus software - An anti-virus software is essential to detect viruses that may come when you are connecting to the Internet, downloading a file/ program, viewing an e-mail attachment, copying files from USB, etc. A free anti-virus software called ‘Security Essentials’ from Microsoft is available for download here. Other free anti-virus software such as ‘AVG’ can be downloaded here. For staff users, you may install the McAfee anti-virus software centrally provided by ITS which is available for download here.

However, a good anti-virus software doesn’t mean your machine is free from viruses or malware. You should always be aware of the websites you visit, attachments from "friends", etc.

Patch software installed on your PC, including the OS - Many software products have known vulnerabilities and software patches or updates are released frequently. An easy way to keep your software patches up-to-date is to enable the auto-update on the products.
Backup your data - Windows 7 has backup and restore function ready for use. It is accessible under 'System and Security’ in the ‘Control panel’.

Create system restore pointSystem restore point helps you to roll back system files, registry keys and programs to a previous state before changes or failure. Windows 7 will create a restore point whenever there is a significant system change such as driver installation; or whenever there is none created for the last 7 days. To create a system restore point: 

Start > right click 'Computer' > click 'Properties' > select ‘System Protection’ > click 'Create' button

Enable the firewall - Make sure you have enabled your firewall on Windows 7.  To check if the firewall is enabled:

Control Panel > System and Security > Windows Firewall > Check firewall status

Disable USB autorunThis will prevent the automatic running of any virus-contaminated files stored on the USB drive. To do so:

Start > enter 'group policy' into the ‘Search programs and files’ box > select 'Edit group policy' > select 'Administrative Template' and expand it > select 'Windows Components' and expand it > select 'AutoPlay Policies' and double click on 'Turn off Autoplay' > select the ‘Disabled’ button and then the ‘Apply’ button

File and printer sharing - You may need to share files and/or printers within office. Please review the network sharing configuration of your OS. To do so:

Start > Control Panel > Network and Internet > View network status and tasks > Network and Sharing center > Change advanced sharing settings

For better security, you are recommended to:

  • Turn on password protected sharing
  • Use 128-bit encryption to help protect file sharing connections
  • Turn off public folder sharing

 

 

 
 


 
Responded to Phishing E-mails? Change your NetPassword Immediately
 

 

Following our earlier announcements on phishing attacks, a number of users had been identified as victims of phishing e-mails. Several e-mail accounts were compromised and being used as spam channels. E-mails from some user accounts were being forwarded to unknown addresses by automatic forwarding settings.

If you have ever responded to a phishing e-mail or submitted your NetID/NetPassword to a phishing web site, change your NetPassword IMMEDIATELY via the NetID Management System. Detailed information about managing NetID is available here.

Most importantly, follow the good practices and advice on handling suspicious e-mails that have been published in our last issue. For further advice or assistance, do give us a call anytime at 2766 5900.  

 

 

 
 


 
Progress of IS Development Projects for 334 Implementation
 

 

The various system development / enhancement projects for the 334 implementation have been progressing well on schedule. The system analysis and design of the admission administration is at the final stage and development work has also commenced. In the student administration area, requirement analysis is in progress and it is expected that the system analysis and design stage will commence in the second quarter of 2010.

For the student account area, system analysis and design for the access control module, enquiry module and debit note processing module are in active progress. For the redevelopment of the Scholarship and Financial Assistance System, the development of the user account management module has been completed and it is under user acceptance test. Prototypes for the second sub-system have also been developed and program construction is expected to be completed by the end of March.

In addition, meetings / discussions on the interface of various student-related systems have been held in collaboration with FO, AS and SAO to work out the detailed system and data interface requirements.


 
 


 
New Security Policy on Connection to the Campus E-mail System and GroupWise - Actions to be Taken
 

 

POP and IMAP are common Internet standard protocols used by e-mail client programs such as Microsoft Outlook Express, Mozilla Thunderbird and Eudora, etc. for e-mail retrieval. These protocols, however, are not secure as the user passwords are transmitted in clear text form over the Internet.

At PolyU, the Campus E-mail System (for students and staff) and GroupWise (for staff only) are provided to our users. In addition to using the PolyU WebMail and the GroupWise client for access, some users would also access the two e-mail systems via other e-mail client programs.

To protect the privacy of your NetPasswords during the transmission over the Internet, the following policy will be enforced on the Campus E-mail System and GroupWise with effect from 29 March 2010:

E-mail client programs must establish encrypted communication channel with the use of Secure POP and Secure IMAP protocol to connect to the Campus E-mail System and GroupWise.

Existing users of other e-mail client programs are required to change the configuration of their programs before 29 March 2010 by following the instructions here or they will not be able to access the Campus E-mail System and GroupWise afterwards.

Please note that WebMail and GroupWise client / WebAcess users will NOT be affected.

If you need further information or assistance on configuring the e-mail client programs. Please contact our Help Centre at 2766 5900

 

 
 


 
Information Security Awareness Workshop for Departmental IT Security Personnel
 

 

As announced in our last issue, an Information Security Awareness Workshop will be organized in March under the coordination of the JUCC (Joint Universities Computer Centre) Information Security Task Force.

To be held in the morning of 22 March 2010, the half-day workshop aims to provide colleagues involved in departmental IT security with an overview on managing information security issues at departmental level. Here are the topics to be covered:

 

Information Security and Challenges

  • Overview of Information Security Management
  • Information Security Standard and Policies
  • Challenges for Information Security

Information Security at Institutions

  • Information Security Risks at Universities

Privacy and Personal Data

  • Overview of Privacy and Personal Data
  • Roles and Responsibilities in Privacy and Personal Data
  • Privacy Ordinance and Relevant Regulations
  • Case Study on Data Leakage at Universities

Security Incident Management

  • Overview of Information Security Incident Management
  • Roles and Responsibilities in Information Security Incident Management
  • Security Incident Classification and Incident Handling Procedure
Invitation will be sent to departments shortly. If you are supporting information security at your department, don’t miss this workshop as well as the coming Joint-universities Information Security Conference to be held in May.

 

 
 


 
March Staff IT Training Programmes
 

 

Training Workshops

You may view the full list of workshops offered in March and make online enrolment via the Staff IT Training Workshop Enrolment System. You will be notified instantly of the enrolment results.

 

Online Courses

  March Online Courses

A

Access 2007: Level 1 & 2

  Access 2007: New Features

 

Acrobat 9.0 Pro: Level 1 & 2

E

Excel 2007: Level 1, 2 & 3

 

Excel 2007: New Features

  Excel 2007: VBA

G

GroupWise 7.0 Level 1-1: Using GroupWise E-mail

 

GroupWise 7.0 Level 1-2: Organizing E-mails and Address Book in GroupWise

  GroupWise 7.0 Level 1-3: Using GroupWise Calendar and Resources
  GroupWise 7.0 Level 2-1: Exploring Advanced Mail and Message Features

 

GroupWise 7.0 Level 2-2: Exploring WebAccess, Rules and Access Rights

P

PowerPoint 2007: Level 1 & 2

 

PowerPoint 2007: New Features

 

Project 2007: Level 1 & 2

 

Publisher 2007

S

Security Awareness (Part 1): Accessing a Computer, a Network and the Internet in a Secure Manner

 

Security Awareness (Part 2) : Maintaining File and Email Security

 

Security Awareness (Part 3): Promoting Web Security and Proper Responses to Security Incidents

 

SharePoint Designer 2007: Level 1 & 2

 V

Visio 2007 Professional: Level 1 & 2

  What's New in Visio 2007

W

Windows Vista : New Features

 

Word 2007: Level 1 & 2

 

Word 2007: New Features

Please click here for the detailed description of each course. To enrol, please complete and return the web-based proforma reply and you will be informed of the enrolment results in early March via e-mail.

Enquiries: 4566
 
 


 
6 Important Rules for SCC Users
 

 

 

The Student Computer Centre (SCC) located on the 3rd and 4th floor of the Li Ka Shing Tower provides over 500 PCs as well as printing and scanning facilities for student use. When using these facilities, students are reminded to observe the 6 important rules below:

 

 

Facilities in the SCC are for the exclusive use of PolyU students and staff only. To safeguard the use of facilities to legitimate users only, DO NOT lend your Student / Staff ID Card to any non-PolyU users for access to the SCC.
DO NOT abuse the privilege of using the SCC facilities for non-coursework purposes such as playing computer games.
DO NOT post and introduce obscene materials on the computer systems.
DO NOT leave your personal property unattended in the SCC as a means of 'seat reservation'.
Be considerate when using the PCs dedicated for laser printing. Due to resources constraints, a maximum of 20 pages or 10 minutes printing-time is allowed for each user.
Keep the SCC clean and quiet. DO NOT smoke, eat, play, shout or talk loudly in the SCC.If there is a need for group discussion, please visit the Wireless Access Room at Room M202 to avoid disturbing other users.

In addition to the above, SCC users are also requested to observe other rules / regulations as stipulated in the Rules for Student Computer Centre Users to make the best use of the SCC resources and to maintain a comfortable working environment.