III. General Users
Users should keep portable storage media with information related to university out of sight from other people to minimise the risk of theft. In addition, such media should not be left unattended at any time.
Where possible, users should utilise the security features of the portable storage media (e.g. USB stick with finger print recognition function) or security tools recommended by the university (e.g. data encryption software) to protect the information from unauthorised access or modification.
Important data stored on portable storage devices should be regularly backed up to designated file servers of the university.
Portable storage media containing the university related information must be appropriately cleansed and sanitised after use and before disposal. If un-rewritable portable storage devices/media are used, such as CD and DVD, they must be destroyed either by a disintegrator, or by grinding, smashing or burning.
Users must report to the IT Help Desk as soon as possible if a portable storage device containing information related to the university is lost or stolen. The IT security staff must be notified immediately and record the identification (e.g. serial number, type, asset register code) of the device, the physical appearance of the device and the details of the information stored.
Unless specifically approved, users should not keep the university related information on privately owned portable storage media. On the other hand, data related to personal matters should not be kept on the portable storage provided by the university.
The convenience and flexibility of portable storage media increase the efficiency of university's staff and students during their work and study. However, the security threats of data loss or denial cannot be ignored. To build a safe environment for using portable storage media, both the Management and general users should pay great attention to the establishment, enforcement and maintenance of necessary security measures.
All material in this document is, unless otherwise stated, the property of the Joint Universities Computer Centre ("JUCC"). Copyright and other intellectual property laws protect these materials. Reproduction or retransmission of the materials, in whole or in part, in any manner, without the prior written consent of the copyright holder, is a violation of copyright law.
A single copy of the materials available through this document may be made, solely for personal, noncommercial use. Individuals must preserve any copyright or other notices contained in or associated with them. Users may not distribute such copies to others, whether or not in electronic form, whether or not for a charge or other consideration, without prior written consent of the copyright holder of the materials. Contact information for requests for permission to reproduce or distribute materials available through this document are listed below:
Joint Universities Computer Centre Limited (JUCC),
Room 223, Run Run Shaw Building,
c/o Computer Centre, The University of Hong Kong,
Pokfulam Road, Hong Kong