Students
Teachers
CUHK-Shenzhen
简体中文
Email Campus Network VPN Teaching system Campus Card CUHK(SZ) Account Software Registry Panopto
Students
Teachers
CUHK-Shenzhen
简体中文
  • About Us
    • Meet ITSO
    • Service Desk
    • Rules and Regulations
      • Policies and Regulations
      • IT Policies
    • Multifunction Classrooms and Data Center
  • Our Services
    • My Portal
    • Campus Network
    • Desktop Applications
    • Account and Permissions
  • Network and Information Security
    • Security Policies
    • Critical Data Protection
    • Phishing Alert
    • Security Tips
    • Password Security
    • Security Skills
  • High Performance Computing
    • About the Platform
    • Platform Resources
      • Hardware Resource
      • Software Resources
    • User Guide
      • Cluster User Guide
    • Pricing Scheme
      • Cluster hourly rates
      • Storage space rates
    • Case Study
  • Software
  • FAQ
    • Multimedia Equipment
    • Campus Card
    • Campus Network
    • Cloud Printing
    • Questionnaire Platform
    • Software
    Current Location:
  • Home
  • Network and Information Security
  • Critical Data Protection
Network and Information Security
Security Policies
Critical Data Protection
Phishing Alert
Security Tips
Password Security
Security Skills
Critical Data Protection

Data is a critical asset of The Chinese University of Hong Kong, Shenzhen, and its security is essential for the University's normal operations.
All faculty, staff, and students share the responsibility of protecting the important data of the University and individuals. Therefore, it is necessary to strengthen data protection in the following key areas:

  • Ensure that all sensitive data and important documents are encrypted, especially during storage and transmission.
  • Perform regular data backups, preferably using encrypted cloud services, to prevent data loss or corruption.
  • Strictly control the use of USB ports on computers and mobile devices to minimize the risk of data leakage and virus intrusion.
  • When disposing of used storage media, ensure that data is completely erased, and take physical destruction measures if necessary.

Protect and Encrypt Your Files

The following files support encryption for data protection, so be sure to memorize the encryption password. If you lose the password, you will not be able to recover or otherwise access these encrypted files.

Microsoft Office Files

Microsoft Office includes a built-in password encryption feature that can be used to protect Word documents, Excel spreadsheets, and PowerPoint presentations, effectively preventing unauthorized access. For more detailed information and instructions, Please click here.

PDF

Adobe Acrobat is a professional software designed for PDF editing and offers password encryption to restrict access to PDF files. This ensures that unauthorized individuals cannot open the file. It is worth noting that while password-protected PDF files require advanced tools like Adobe Acrobat for editing, they can still be opened with free software such as Adobe Reader. For more details about Adobe Acrobat PDF protection, please click here.

Zip Utility

If you need to protect files of different formats, you can compress them into a password-protected archive. For more information on Zip file encryption across different operating systems, please click here.


Backup of personal data

For critical data, it is recommended to follow the widely recognized 3-2-1 backup rule. This rule recommends that you should maintain at least three copies of your data: two on separate local media and one in a remote location. For large but less critical data, local backups may suffice. Below are methods to implement a backup strategy:

  • External Storage Backup: Use an external hard drive or USB drive to back up data on a regular basis.
  • Network Attached Storage (NAS): Back up your data by connecting to a NAS device through your home or office network.
  • Cloud Services Backup: Use cloud services such as Google Drive, Dropbox, OneDrive or iCloud to access your data from anywhere.
  • System image backup: Create a full operating system image backup, including system files, applications, and user data.

With these methods, you can ensure that your data is safe and can be quickly recovered in case of data loss.


USB Drive Encryption Guidelines

Unencrypted USB drives are a leading cause of data leaks. To reduce the chance of sensitive information leaks, please adhere to the following ITSO guidelines:

  • Avoid storing the University data on a USB drive, especially any personal identity material. Consider accessing data remotely via networks, email, or remote desktop connections. if you are working at home or are on travel.
  • Use data encryption when storing sensitive data on a USB drive. Do not only rely on the “secure” USB drives in the market, unless you are confident about their encryption. You can easily turn an ordinary USB drive into a secure storage device using free software. ITSO recommends using BitLocker to encrypt USB drives. It is user-friendly, supports industry-standard encryption methods and it is free. For more details, please click here.

Secure Disposal of Hard Disk Drives

It is a common misconception that deleting files or reformatting a hard drive completely erases all data from the device. In reality, data remains recoverable unless specific measures are taken to securely destroy it. Therefore, special care is required when disposing of a computer's hard disk drive.

To securely erase data, it is recommended to use professional software that overwrites the hard drive with random data patterns. This process makes it significantly more difficult to recover old data, such as confidential files. Eraser, one of the most popular free tools available, allows users to customize the number of "passes," i.e., the number of times the data on the disk is overwritten. While additional passes increase the time required, one or two passes are generally sufficient for most users' needs.

You can download the latest version of the tool’s installer by clicking here.

For highly confidential data, additional precautions may be necessary. Measures such as the use of degaussing devices or engaging third-party services to degauss and physically destroy disks and tapes (e.g., drilling) can provide enhanced data security.

Copyright © CUHK-Shenzhen The Information Technology Services Office