October 2010

 

New ITS Service Structure - What Do We Do?
Software Asset Management (SAM) Exercise 2010 - Scan Your PCs/ Notebooks by 19 November
Successful Completion of the Business Continuity Drill for Central Computer Systems
Fundamental Security of Information - Ways to Secure Your Workstation, Email, Passwords and Internet Access
24-hour Services at SCC Starting 9 November
November Staff IT Training Programmes






ACTION NOW - Complete the Survey on ITS Services and Win an iPhone or iPad
 

 

To solicit users’ feedback and comments on the ITS service provisions so that we can further enhance our service quality, ITS is conducting a staff and student survey to collect feedback from all PolyU staff and students.

The survey will help identify current services that may require enhancement and facilitate the University to plan for new services and facilities to meet future demands.  

To encourage participation, two iPhones and one iPad will be given away to the survey respondents by a lucky draw. Spend a little time to complete this survey to give us your feedback on our services, and to try your luck at the lucky draw. Please provide your NetID for purpose of the lucky draw. The survey data will be kept strictly confidential.

A BIG thank you in advance for your feedback and comments.

 

 
 


 
Information Security Awareness Workshop on Data Handling Successfully held
 

 

Under the coordination of the JUCC (Joint Universities Computer Centre) Information Security Task Force, an Information Security Awareness Workshop was held in the morning of 25 October 2010 for PolyU colleagues following the first one held earlier in March.  

With the theme of 'Data Handling in University', the half-day workshop was conducted by the external consultant, KPMG. Over 80 colleagues involved in handling University data or  supporting departmental IT/IS security attended the workshop which covered many useful topics including human factor in information security, information classification and handling, business impact analysis, risk management, etc.

Two more security awareness workshops are on their way, to be followed by a 2-day Joint Universities Information Security Conference to be held in May 2011 on the PolyU campus. Watch out for more information!

 

 
 


 
New ITS Service Structure - What Do We Do?
 


As communicated in our last issue, a new ITS service structure is now in place with four functional sections.   The  major service areas supported by these  sections are summarized below:

ITS will, as always, work in collaboration as 'one ITS', and  be the outstanding provider of IT services to the University community by being:

 

 

 
 


 
Software Asset Management (SAM) Exercise 2010 – Scan Your PCs/ Notebooks by 19 November
 

 

Thanks to the support and cooperation of all staff, the SAM exercise of last year was successfully completed with over 2 million software items scanned on more than 11,000 PolyU PCs/notebook computers. A new round of SAM exercise for 2010 will soon commence with different phases of the exercise as below:

 

Phase 1: 1 - 19 November

All colleagues who 'own' a University PC/notebook or 'oversee' laboratories and/or functional PCs shall visit the PolyU SAM website at the URL https://sam.polyu.edu.hk to access the SAM System, and to conduct scanning on each operating system installed on your PCs/notebooks as well as each virtual machine hosted on the computers. Each software item installed on the PCs/notebooks will be classified into one of the following categories:

  • PolyU Site Licence -- Software licensed centrally by PolyU through ITS
  • Departmental Licence -- Software provided to you by your department
  • Utilities Licence -- Software tools that are bundled with the hardware provided to you by your department
  • Personal Licence -- Software licences you own
  • Shareware Licence -- Software licensed to you under a condition
  • Freeware Licence -- Software that you can use for free
  • Unclassified Items -- Software that cannot be classified as any of the above

Please review each category and re-classify any software item as you see appropriate. Do provide a remark in the space provided to clarify the re-classification. Please note that you must resolve all unclassified/unlicensed software items found in your PCs/notebooks.

Phase 2: 15 November - 17 December

Your departmental CLO/SAM Manager shall follow up with the scanning results of your department. He/She may send reminder e-mails to you for completing the scanning and / or resolving the unclassified items during this period. 

Phase 3: 20 December onwards

CLOs/SAM Managers shall review and re-classify the latest results to ensure that all computers within the Department are scanned and sufficient software licences are acquired for staff in the department.

Phase 4

IAU may subsequently conduct their audit in departments/offices as they did in the past.

A series of briefing sessions for departmental CLOs / SAM Managers and general users have been conducted in October. More information on the SAM exercise, including the SAM System User Guides, can be found at the SAM website.

If you encounter any problems during the exercise, please contact our Help Centre at Ext. 5900, or Mr WK Kwok (Ext. 5886) / Mr Ernest Yu (Ext. 7940) of ITS.

 

 
 


 
Successful Completion of the Business Continuity Drill for Central Computer Systems
 

 

A total of 25 mission critical services were tested in the annual Business Continuity (BC) Drill conducted in two separate parts on 1 October 2010 (National Day) and 16 October 2010 (Chung Yeung Festival)

The purpose of the intensive testing is to ensure that in the event of a disaster striking one of the University Data Centres, the University will be able to continue to operate from the alternative data centre.

The exercise involved staff from ITS and various administrative offices during which the University simulated the failure of mission critical systems in our primary and secondary data centre separately.

This year the mission critical services tested included:  Academic Unix Service, AS Systems, MISO Systems, FO Systems, Oracle Financials System, Payroll and Benefit System, CHRIS, RO Systems, HKCC/SPEED Systems, SAO Systems, Internet and Intranet Web Hosting Servers, University Portal, Campus Email Service, Network Infrastructure and Services, myWeb, myStore and mySurvey, IAM (Identity and Access Management) Systems and the new Administrative Computing Infrastructure for 334 Systems.  For services that are not established as mission critical, ‘fail over’ services were unavailable during the time of the tests.

The tests were very successful with only some minor problems identified.

The staff involved gave up their two holidays to ensure that the University has highly available mission critical systems. The University appreciates their effort and thanks them for a job well done.


 
 


 
Fundamental Security of Information - Ways to Secure Your Workstation, Email, Passwords and Internet Access
 

 

Data handling procedures are created to protect classified data. However, the effectiveness of the data handling procedures depends on the fundamental security of information.  There are numerous ways in which data can be compromised. Below are ways to secure your workstation, email, passwords and Internet access.  

Workstation

  • Lock workstation when away from desk
  • Shut down the workstation each night
  • Lock the office door

Password

  • Always use strong passwords and keep them secret.
  • Do not log in for other people for access to the computer system or e-mail system.
  • Do not save passwords in files on workstation or mobile phone.
  • Do not write the password on paper.
  • Change the password regularly

Email

  • Check your e-mail ‘Sent Items’ and ‘Deleted Items’ daily for sensitive data.
  • Do not open email attachments that you aren’t expecting. Especially avoid attachments ending in .exe, .vbs, .pif, .scr, .com, or .bat,
  • Don’t open suspicious attachment even if it looks like it is sent from someone you know as many viruses can forge, or spoof, the sender’s name from names found in address books.
  • Do not email Restricted data.
  • Never comply with requests for personal information from an e-mail unless you initiated the contact.

Internet

  • Do not download software such as screensavers, games, or other programs from unverified sources.
  • Delete temporary Internet files.
  • Turn off auto-complete. It stores information such as usernames and passwords.

Physical

  • Sensitive and Restricted data should be stored in secured locations (i.e. locked filing drawers and cabinets).
  • Access to the departmental office should be restricted to authorised personnel only.

 

 

 
 


 
Meeting with Departmental CLOs - Let's Talk and Collaborate
 

 

Departmental Computer Liaison Officers (CLOs) are the close working partners of ITS and regular meetings are held to update them with our latest IT services and provisions.

Over 80 CLOs and departmental representatives attended the meeting held on 14 October 2010 at the Senate Room.

In his opening address, Mr Gerrit Bahlman, Director of Information Technology, highlighted the role of IT at the University and the key strategic principles for IT development at PolyU. Mr Bahlman encouraged departments to involve ITS in their IT planning, so that we could work collaboratively for success based on a trusting relationship.

 

Mr Gerrit Bahlman, DoIT, sharing his views with the departmental CLOs.

During the meeting, ITS introduced / reported the latest developments in the following areas:

  • ITS Service Catalogue and Project Portfolio
  • New University Portal
  • Classroom PC Provision and Support
  • Update on Joint Universities Information Security Project
  • Result of Notebook Ownership Scheme 2010
  • IAM (Identity and Access Management) Development
  • Update on LMS (Learning Management System) Review
  • Future Email Naming Structure and New Services
  • Schedule of ITS Services Survey and SAM Exercise

The departmental CLOs/representatives also provided us with very useful suggestions and feedback on our facilities and services. These valuable input would enable us to continue to provide quality IT services meeting and hopefully exceeding the expectations of our users.

 

 
 


 
24-hour Services at SCC Starting 9 November
 

 

 

During the end of semester period from 9 November to 23 December 2010, the 3/F of the Student Computer Centre will provide 24-hour services. Drop by anytime to do your assignment or for studying.

 

 

 
 


 
November Staff IT Training Programmes
 

 

Training Workshops

You may view the full list of workshops offered in November and make online enrolment via the Staff IT Training Workshop Enrolment System. You will be notified instantly of the enrolment results.

 

Online Courses

  November Online Courses

A

Access 2007: Level 1, 2, 3 & 4

  Access 2007: New Features

 

Acrobat 9.0 Pro: Level 1 & 2

E

Excel 2007: Level 1, 2, 3 & 4

 

Excel 2007: New Features

  Excel 2007: VBA

G

GroupWise 7.0 Level 1-1: Using GroupWise E-mail

 

GroupWise 7.0 Level 1-2: Organizing E-mails and Address Book in GroupWise

  GroupWise 7.0 Level 1-3: Using GroupWise Calendar and Resources
  GroupWise 7.0 Level 2-1: Exploring Advanced Mail and Message Features

 

GroupWise 7.0 Level 2-2: Exploring WebAccess, Rules and Access Rights

P

PowerPoint 2007: Level 1 & 2

 

PowerPoint 2007: New Features

 

Project 2007: Level 1 & 2

 

Publisher 2007

S

Security Awareness (Part 1): Protecting Information and Countering Social Engineering

 

Security Awareness (Part 2) : Maintaining Computer and File Security

 

Security Awareness (Part 3): Promoting E-mail Security and Proper Responses to Security Incidents

 

SharePoint Designer 2007: Level 1 & 2

 V

What's New in Visio 2007

W

Windows Vista : New Features

 

Word 2007: Level 1, 2 & 3

 

Word 2007: New Features

 

Please click here for the detailed description of each course. To enrol, please complete and return the web-based proforma reply and you will be informed of the enrolment results in early November via e-mail.

Enquiries: 4566