Server Compliance Project

To protect the University’s IT environment from malicious intrusion activities, ITS has embarked on a new Server Compliance Project to enforce compliance of all computer servers connected to the campus network with a set of security technical standards. This project was initiated following the recommendations given by Ernst & Young Advisory Services Limited (EY), which had been appointed to carry out the Information Security Assessment Exercise in 2013 with nine departments/units. Department Heads were notified of the Project in mid-February.

The set of standards to be enforced is adopted from international security standards and practices. To enforce the standards, a piece of agent software will need to be installed on each networked server to carry out compliance assessment and detect security vulnerabilities on the server. A Compliance Management System will gather information via the agent software on the status of compliance of the server for reporting.

In the next few months, we will be working closely with individual departments on the Project. After collecting the existing networked server information from departments, we will provide them with the agent software, and the procedures to follow to install the software on the servers. The installation has to be performed by departments as server passwords are needed to do it. Upon completion, the Compliance Management System will gather the compliance status of each networked server, and notify the department concerned if remedial work is needed for the server to meet the security technical standards.

While it may take a couple of months for departments to complete the installation of the agent software on all existing networked servers, we expect that after 14 March 2014, all new servers must have the agent software installed before connecting to the campus network.

ITS will bear the license cost of the agent software for existing servers made known to us by 14 March 2014 through the stocktaking exercise. However, departments will have to take up the agent license cost, which is estimated at HK$200 for each physical CPU core, for new physical servers deployed afterwards.

We require a joint and concerted effort from all departments in safeguarding the University’s IT environment.  In case you have any questions regarding this Project, please feel free to contact the undersigned.

 

Peter Li
Associate IT Director (IT Infrastructure)
Tel: 3917 6226
Email: petercli@hku.hk