Data is a critical asset of The Chinese University of Hong Kong, Shenzhen, and its security is essential for the University's normal operations.
All faculty, staff, and students share the responsibility of protecting the important data of the University and individuals. Therefore, it is necessary to strengthen data protection in the following key areas:

• Ensure that all sensitive data and important documents are encrypted, especially during storage and transmission.
• Perform regular data backups, preferably using encrypted cloud services, to prevent data loss or corruption.
• Strictly control the use of USB ports on computers and mobile devices to minimize the risk of data leakage and virus intrusion.
• When disposing of used storage media, ensure that data is completely erased, and take physical destruction measures if necessary.

Protect and Encrypt Your Files

The following files support encryption for data protection, so be sure to memorize the encryption password. If you lose the password, you will not be able to recover or otherwise access these encrypted files.

Microsoft Office Files

Microsoft Office includes a built-in password encryption feature that can be used to protect Word documents, Excel spreadsheets, and PowerPoint presentations, effectively preventing unauthorized access. For more detailed information and instructions, Please click here.

PDF

Adobe Acrobat is a professional software designed for PDF editing and offers password encryption to restrict access to PDF files. This ensures that unauthorized individuals cannot open the file. It is worth noting that while password-protected PDF files require advanced tools like Adobe Acrobat for editing, they can still be opened with free software such as Adobe Reader. For more details about Adobe Acrobat PDF protection, please click here.

Zip Utility

If you need to protect files of different formats, you can compress them into a password-protected archive. For more information on Zip file encryption across different operating systems, please click here.

Backup of personal data

For critical data, it is recommended to follow the widely recognized 3-2-1 backup rule. This rule recommends that you should maintain at least three copies of your data: two on separate local media and one in a remote location. For large but less critical data, local backups may suffice. Below are methods to implement a backup strategy:

• External Storage Backup: Use an external hard drive or USB drive to back up data on a regular basis.
• Network Attached Storage (NAS): Back up your data by connecting to a NAS device through your home or office network.
• Cloud Services Backup: Use cloud services such as Google Drive, Dropbox, OneDrive or iCloud to access your data from anywhere.
• System image backup: Create a full operating system image backup, including system files, applications, and user data.

With these methods, you can ensure that your data is safe and can be quickly recovered in case of data loss.

USB Drive Encryption Guidelines

Unencrypted USB drives are a leading cause of data leaks. To reduce the chance of sensitive information leaks, please adhere to the following ITSO guidelines:

• Avoid storing the University data on a USB drive, especially any personal identity material. Consider accessing data remotely via networks, email, or remote desktop connections. if you are working at home or are on travel.
• Use data encryption when storing sensitive data on a USB drive. Do not only rely on the “secure” USB drives in the market, unless you are confident about their encryption. You can easily turn an ordinary USB drive into a secure storage device using free software. ITSO recommends using BitLocker to encrypt USB drives. It is user-friendly, supports industry-standard encryption methods and it is free. For more details, please click here.

Secure Disposal of Hard Disk Drives

It is a common misconception that deleting files or reformatting a hard drive completely erases all data from the device. In reality, data remains recoverable unless specific measures are taken to securely destroy it. Therefore, special care is required when disposing of a computer's hard disk drive.

To securely erase data, it is recommended to use professional software that overwrites the hard drive with random data patterns. This process makes it significantly more difficult to recover old data, such as confidential files. Eraser, one of the most popular free tools available, allows users to customize the number of "passes," i.e., the number of times the data on the disk is overwritten. While additional passes increase the time required, one or two passes are generally sufficient for most users' needs.

You can download the latest version of the tool’s installer by clicking here.

For highly confidential data, additional precautions may be necessary. Measures such as the use of degaussing devices or engaging third-party services to degauss and physically destroy disks and tapes (e.g., drilling) can provide enhanced data security.