IT Services

Endpoint Protection Services

User workstations/ notebooks are computing devices for staff used to communicate and collaborate with peers, students and external business partners at office (and outside office for notebooks). These fleet of machines are important productivity tools but also expand attack surface of campus if not included in University endpoint protection coverage. Over 6,000 workstations and notebooks have already joined PolyU domain and receive comprehensive security protection including regular patch updates, and desktop management support. For workstations/ notebooks at departments which have not joined PolyU domain, user can strengthen their endpoint devices protection by a simple enrolment process to Microsoft Intune and Microsoft Defender for EndPoint (MDE). Once Microsoft Defender for Endpoint (MDE) client software is successfully installed, the following security protections will be applied: Anti-Virus Firewall Attack Surface Reduction (ASR) Regular system security patching  

Security Consulting Service

Users may come across security related problems while conducting teaching, learning, research and administration activities, our security consulting service provides users with advice on compliance, security risk assessment, threats mitigation and incident response to address security issues concerned.

Security Risk Assessment Services

Two main types of security risk assessment services are provided to user departments: System vulnerability assessment service System vulnerability assessment service identifies potential vulnerabilities on their information systems and examine the security posture of the systems. Web application vulnerability assessment service Web application vulnerability assessment service identifies the possible vulnerabilities in the web applications before they are placed in production. In general, individual vulnerability assessment could be completed within 5 business days, depending on the complexity of system / web application and the availability of the assessment resources.   Preparation prior to the assessment Involvement of department / office is required for the success of the service. The following are some of their responsibilities: Department / office should clearly identify the scope for the vulnerability assessment and provide written authorization to our Cyber Security Team for that assessment A representative from department / office should be appointed as single point of contact during the service period Department / office should provide the necessary documentation to review Department / office should arrange internally for a time slot for the vulnerability assessment The remediation of the vulnerabilities identified from the assessment is not included in the service. Department / office should be responsible for the fixing Department / office should ensure a full and restorable backup (including both system and data) is available before the assessment

Security Threat Mitigation and Incident Response Services

To assist departments/ offices to handle an IT security incident and to minimize the adverse impact to the University as a whole, we provide: Assistance for the concerned departments to mitigate the imminent threats posed by the attacks Alert to the University community of imminent threats and provide recommendation on the mitigation Recommendation on the necessary enhancement to avoid the recurrence of the similar incident in the future

Web Application Firewall Service

To ensure publicly accessible information systems of the University are well protected against cyberattacks, all publicly accessible systems shall be equipped the baseline security controls including: Server based endpoint security solution, i.e. Trend Micro Deep Security agent Security anomaly detection agent, i.e. Splunk agent The Web Application Firewall service is provided to departments/ offices to safeguard their publicly accessible web applications / websites against web attacks such as SQL injection, etc.