HKUST ITSO AI Chatbot

Important reminder

Please do not disclose personal data such as your HKUST account number, staff/student ID or name in the chatbot. Information provided will be retained to enhance system performance.

By using the HKUST ITSO Chat service, you confirm that you have read, understood, and agreed to the Disclaimer


Log in to access additional information for your user group in addition to the publicly accessible content.

Send Icon
Minimum Security Standard, Acceptable and Recommended Practices

The main purpose of defining Minimum Security Standard is to assist IT resource users and owners in determining the right level of protection. These standards also serve as checklists for periodic compliance monitor at the unit level. Currently, Minimum Security Standard is defined for the following IT Resources:

  • Endpoints
  • Servers
  • Application Systems
  • Cloud applications running as Software as a Service (SaaS)

For the proper protection of individuals, units and the University, the Minimum Security Standard is mandatory for all University members. It should also be noted that users handling sensitive data should follow the Acceptable Practices for Handling High Risk Data. In order to comply with the University’s Personal Data Privacy Policy.

Cyber security is a broad topic and a set of more comprehensive guidelines in terms of recommended practices in different areas can be referenced as in need. Currently, the following recommended practices are defined:

It should be noted that some of these recommended practices can become mandatory requirement depending on the risk classification of the particular use case, as defined in the Minimum Security Standard.


Support

General Enquiries cchelp@ust.hk
Suggestions & Complaints cclisten@ust.hk
Serviceline +852-2358-6200