Information Security Systems Update
Hacking activities are more frequent and the attacks become more and more sophisticated nowadays. ITSC always takes the protection of the University’s systems seriously. We have enhanced the exsiting measures and developed new policies and systems to protect the University’s systems and users’ information.
Further Enforcement of 2FA to Strengthen Account Security
Two-Factor Authentication (2FA) is an important component in information security to give added protection to the username and password. In the 2019/2020 academic year, we have:
- Extended 2FA to cover all IT critical systems such as e-mails, myLingnan Portal, VPN, Moodle, Qualtrics and Helpdesk System, etc.
- Completed the enforcment for all students and staff on 2 October 2019 and 20 April 2020 respectively.
- Tightened the control on departmental accounts, project accounts and 3rd parties accounts such as contractor accounts by setting an expiry date and make it mandatory to have an account custodian to prevent the occurrence of outdated information or unmanaged accounts; and enforcing 2FA on these accounts on 2 October 2020.
Network Security - Network-based Cyber Defense System
ITSC has deployed a Network-based Cyber Defense System which utilizes self-learning cyber AI technology to detect novel attacks and insider threats at an early stage. The system can protect the University network from Zero-day, Ransomware, APT and Malware attacks. The system will cover and protect all systems that connected to the network including PCs, Servers, Network Equipment and IoT devices.
New vulnerabilities on IT systems are discovered every day, and vulnerability is the major source that leads to an attack. In orde to ensure the system bugs or loopholes can be rectified as soon as possible, ITSC deployed a new vulnerability management system to automate the vulnerability detection and monitoring process. The alert of newly discovered vulnerabilities sent by the system helps ITSC staff to take remediation action to reduce the surface of the attacks at an early stage.
Servers and Endpoints Security
Advanced Threat Analytics (ATA) is an on-premise platform that learns, analyses and identifies normal and suspicious users or device behavior with built-in intelligence. ITSC has implemented the ATA system to protect the University from multiple types of advanced targeted cyber-attacks and insider threats.
Computer endpoints such as PCs are one of the weakest tiers in the area of IT security as users might unintentionally execute problematic files or accessing malicious websites on the Internet. The endpoint antivirus software had been deployed in most of the endpoints on campus since mid-2019 and provided fundamental protection against malware/virus. To strengthen the protection level towards unknown vulnerabilities and zero-day attacks, the Endpoint Detection and Response (EDR) module was implemented in addition to the original antivirus software. This module significantly speeded up the response to incident handling and enabled the IT security team to tackle the incident promptly.