March 2010


Reminder: Acquire / Renew Maintenance Option for Adobe Software Licences
HARNET International Internet Bandwidth Upgraded to 1,500 Mbps
Reminder: New Security Policy on Connection to the Campus E-mail System and GroupWise
Visit the SCC Anytime - 24-hour Service Starting 4 April

10 Things to Remember to Protect Your Information


Do you know…

With your identity information and credit card number, someone can do fraudulent transactions online, or even impersonates you and commits a crime in your name.

With your HKID, someone can obtain employment in your name either locally, overseas or over the Internet. However, you will be the one who have to pay the tax.

With your identity and medical records, someone can take advantage of your medical insurance or prescriptive medicine.

With your academic research results, someone can sell it to the market and make a profit before you do.

With batches of personal information, say student names and phone number, someone can sell it off to a marketing company to make profit.

If you don't want to become a victim of data leakage, check out the 10 things you must know to protect your information:

Do not disclose your personal information unless absolutely necessary.

Do not provide personal information to untrusted websites.

Dispose sensitive information, such as credit card receipts, bank statement, etc. with care.

Log out or lock your computer session when left unattended.

Always encrypt sensitive information in transit and send the decryption key to the recipient separately.

Do not keep sensitive information in portable storage devices.

Use anti-virus and anti-spyware in your computer.

Do not process / enter sensitive data in untrusted computers, such as at Internet Cafe.

Be skeptical, consult the ITS Help Centre if in doubt.

Remind your colleagues and friends of the above.



Joint Universities Information Security Project – Risk Assessment and Security Awareness Workshop


To increase and improve information security awareness and standards at local universities, the Joint Universities Computer Centre (JUCC) has recently embarked on a series of information security initiatives under the coordination of its Information Security Task Force.  


Institute-wide Risk Assessment

At the beginning of this project, an institute-wide information security risk assessment for each participating institution had been conducted. The risk assessment exercise for PolyU commenced in late January and was successfully completed by the end of February.

A total of 8 academic and 11 administrative departments / offices were invited to participate in the exercise which focuses on the following areas:

  • Information security policies and procedures
  • Asset management
  • Physical security
  • Logical access
  • Security awareness
  • Monitoring
  • Third party management
  • Compliance monitoring

Based on the information collected, KPMG, the advisor of this joint-universities project, will provide a risk assessment report for each institution as well as eight member institutions as a whole for the planning of future information security initiatives. The reports will identify the weaknesses in the current security environment and the common risks across all institutions.  

Mr Gerrit Bahlman,  Director of IT and Convener of the JUCC Information Security Task Force, thanks all participating departments / offices for their support and cooperation in the risk assessment exercise.


Information Security Awareness Workshop

Following the completion of the risk assessment exercise, an Information Security Awareness Workshop was held on 22 March 2010 for PolyU colleagues. Around 100 colleagues supporting departmental IT/IS security attended the half-day workshop conducted by KPMG.

The Workshop covered many useful topics including information security standard and policies, security risks and challenges at universities, personal data protection and best practices, security incident management, etc.

The Workshop will be followed by a 2-day Joint Universities Information Security Conference to be held on 19 and 20 in May 2010 on the PolyU campus. The Conference aims to raise awareness of the increasing security challenges faced by the higher education sector and to build up the skills at universities to protect information assets against security threats. Information security experts from overseas and external organizations including the Government Chief Information Officer, Mr Jeremy Godfrey, will share their experience on a wide spectrum of topics. 

Details on the Conference will be sent to departments shortly. The University  counts on the active support and participation of all departments and offices in this joint-universities venture.



Reminder: Acquire / Renew Maintenance Option for Adobe Software Licences


As announced in our January issue, the Adobe Open Options Contractual Licence Programme (CLP) has been renewed and departments can enjoy educational discount on a list of common Adobe software licences during the programme period up to 31 January 2012.  

Under the CLP, departments could subscribe the maintenance option for previously-owned current version Adobe licences or renew the maintenance option acquired during the last agreement period (i.e. from January 2008 – January 2010) before the end of April 2010. The maintenance programme will entitle departments to the latest release and upgrades of the software within the programme period, i.e. up to 31 January 2012.

Departments are reminded to review all the Adobe products that you have and consider the need for joining or renewing the maintenance programme. As Adobe has announced the release of CS5 in April, please make necessary purchasing/renewal arrangements as soon as possible.  

Please note that for departments which choose not to acquire or renew the maintenance option for their Adobe software licences, they will have to buy additional new licences should they wish to use the latest upgrade of the software later.

Click here for the CLP licence and maintenance price list. For any enquiries regarding the Adobe licensing programme, please contact Ms Cecilia Chan at Ext. 5934.



Academic Computing Infrastructure for 334 Implementation


In addition to information system development, another critical project, the Administrative Computing Infrastructure (ACI) Project, to support the implementation of the 334 academic structure is also in full swing. It will replace the existing hardware and infrastructure with a more powerful, reliable and scalable platform to support  the new application systems. 

Study on the possible solutions available in the market commenced in September 2009, followed by the tendering exercise in December 2009. After careful evaluation on the recommended solutions from various hardware vendors, the evaluation team has recommended the HP solution.

The HP solution includes the provision of the Database servers, Web/Application servers, SAN disk storage and back-up system. The computing platform is based on the latest blade technology which is more flexible for future expansion. It is also ‘greener’ than the traditional rack mount technology as blade servers consume less power with smaller footprint.

Following the approval of the Tender Committee in mid March, a kick-off meeting for the implementation of the new ACI was conducted, project teams were formed and the project schedules revisited. Technology briefing sessions were also conducted, and the design phase has just commenced.

It is planned that both the Development (DEV) and User Acceptance Testing (UAT) platforms be ready in mid May 2010 for the testing of the new Admission Administration application systems, while the Production (PROD) platform will be ready in early September 2010 to support the pilot run of the admission exercise of the taught postgraduate programmes.

It is envisaged that the equipment would be delivered in mid April, following which full installation and implementation of the DEV/UAT platforms will commence immediately to meet the mid May schedule.

A separate task group to review the security aspect of the ACI has also been formed. It will design and implement the necessary security components to safeguard the ACI when it is in production later this year.




HARNET International Internet Bandwidth Upgraded to 1,500 Mbps


Jointly with other UGC-funded institutions, the Internet bandwidth of HARNET (Hong Kong Academic and Research Network), through which PolyU is connected to the Internet, has been upgraded from 1,200 Mbps to 1,500 Mbps in March 2010.

The enhancement would further improve the Internet surfing services and better cope with the bandwidth demand of the University's teaching, learning, research and administrative activities which have become increasingly network-based.




Reminder: New Security Policy on Connection to the Campus E-mail System and GroupWise


As announced in our last issue, to protect the privacy of the NetPasswords during the transmission over the Internet, the following policy will be enforced on the Campus E-mail System and GroupWise with effect from 29 March 2010:

E-mail client programs must establish encrypted communication channel with the use of Secure POP and Secure IMAP protocol to connect to the Campus E-mail System and GroupWise.

Existing users of other e-mail client programs are reminded that they must change the configuration of their programs before 29 March 2010 by following the instructions here.

Please note that WebMail and GroupWise client / WebAcess users will NOT be affected. For further information or assistance, please contact our Help Centre at 2766 5900.



April Staff IT Training Programmes


Training Workshops

You may view the full list of workshops offered in April and make online enrolment via the Staff IT Training Workshop Enrolment System. You will be notified instantly of the enrolment results.


Online Courses

  April Online Courses


Access 2007: Level 1, 2, 3 & 4

  Access 2007: New Features


Acrobat 9.0 Pro: Level 1 & 2


Excel 2007: Level 1, 2, 3 & 4


Excel 2007: New Features

  Excel 2007: VBA


GroupWise 7.0 Level 1-1: Using GroupWise E-mail


GroupWise 7.0 Level 1-2: Organizing E-mails and Address Book in GroupWise

  GroupWise 7.0 Level 1-3: Using GroupWise Calendar and Resources
  GroupWise 7.0 Level 2-1: Exploring Advanced Mail and Message Features


GroupWise 7.0 Level 2-2: Exploring WebAccess, Rules and Access Rights


PowerPoint 2007: Level 1 & 2


PowerPoint 2007: New Features


Project 2007: Level 1 & 2


Publisher 2007


Security Awareness (Part 1): Protecting Information and Countering Social Engineering


Security Awareness (Part 2) : Maintaining Computer and File Security


Security Awareness (Part 3): Promoting E-mail Security and Proper Responses to Security Incidents


SharePoint Designer 2007: Level 1 & 2


What's New in Visio 2007


Windows Vista : New Features


Word 2007: Level 1, 2 & 3


Word 2007: New Features

Please click here for the detailed description of each course. To enrol, please complete and return the web-based proforma reply and you will be informed of the enrolment results in early April via e-mail.

Enquiries: 4566



Visit the SCC Anytime - 24-hour Service Starting 4 April


Starting from 4 April 2010 (Sunday), the 3/F of our Student Computer Centre (SCC) at the Li Ka Shing Tower will provide 24-hour service until the end of the examination period on 15 May 2010 (Saturday).

Drop by anytime you need the SCC to do your assignment or for study.