print page
< Back
Menu > About EDB >
Forms & Circulars
-
Forms
-
Circulars
< Back
Menu > About EDB >
Annual Open Data Plans
-
Annual Open Data Plans
-
Public Sector Information
< Back
Menu > Curriculum Development and Support >
Major Levels of Education
-
Kindergarten Education
-
Primary Education
-
Secondary Education
< Back
Menu > Curriculum Development and Support >
Assessment
-
Basic Competency Assessment (BCA)
-
References
< Back
Menu > Students and Parents Related >
Life Planning Education and Career Guidance
-
Life Planning Education
-
Business-School Partnership Programme
< Back
Menu > Students and Parents Related >
Safety Matters
-
Safety of Students
-
School Bus Services
< Back
Menu > Students and Parents Related >
Non-Chinese speaking (NCS) students
-
Education services for non-Chinese speaking (NCS) students
-
What's new
-
Overview
< Back
Menu > Students and Parents Related >
Programs and Services
-
Programs
-
Services
< Back
Menu > Teachers Related >
Qualifications, Training and Development
-
Qualification
-
Training
-
Development
< Back
Menu > School Administration and Management >
Financial Management
-
About Financial Management
-
Information on Subsidy
-
Notes to School Finance
< Back
Menu > School Administration and Management >
School Premises Related Information
-
Allocation of a School
-
Furniture and Equipment List for New Schools
-
School Premises Maintenance
< Back
Menu > Public and Administration Related >
Public Forms and Documents
-
Public Forms
-
Efficiency Office - Guide to Corporate Governance for Subvented Organisations
< Back
Menu > Public and Administration Related >
Tender Notices
-
Tender Notices
-
Works Tender Notice
Main content start
< Back

[Archive] Security of computer systems in primary and secondary schools

LCQ 12: Security of computer systems in primary and secondary schools

 



Question:


It has been reported that security loopholes are present in the computer systems in over 20% of the primary and secondary schools and such systems are therefore vulnerable to hacking and stealing of the data stored therein. In this connection, will the Government inform this Council:


(a) of the number of cases reported to the authorities over the past two years in which computer systems in primary and secondary schools ere hacked, and the details of such cases including the losses incurred;


(b) whether it has issued security guidelines to schools concerning the storing of information in computer systems; if so, of the relevant details and the way to monitor their compliance by schools; if not, the reasons for that; and


(c) whether it plans to step up the training for teachers to know the security issues relating to the storing of information in computer systems; if so, of the details?


Reply:


Madam President,


(a) Over the past two years, six schools reported to the Education and Manpower Bureau (EMB) over suspected hacking of their school computer systems. In these cases, the hackers were said to have attempted to intrude into other systems on the Internet through the school computer systems. There was not any damage to the computer systems and the data stored within. The schools had not suffered any financial loss, but only a brief suspension of their Internet services. They have already stepped up security measures in collaboration with the Internet service providers to prevent further attacks by hackers.


(b) On January 2, 2002, we issued the "Guidelines on IT Security in Schools" to assist schools in formulating information technology (IT) security policies and standards for their computer systems. Five sets of reference materials on IT security have also been compiled for schools since January 2002, with a view to enhancing the awareness of schools on this issue. As to monitoring measures, our officers pay regular visits to schools to promote IT education. They also provide on-site support, assistance and advice to schools if necessary.


(c) We organise various activities including seminars and workshops to enhance the awareness of schools in computer system and network security. There have been joint seminars on IT security in schools with professional bodies like the Hong Kong Institute of Engineers to provide schools with a better understanding of the possible illegal activities on their Local Area Network systems. Seminars on network security have also been organised for the principals and IT coordinators of primary and secondary schools to brief them on the application of computer network security software (e.g. firewall) and related guidelines. From December 2002 to May 2003, five IT security workshops have been planned by the EMB's Centres of Excellence on IT in education to brief schools on the security in computer networks. A web page has also been set up at HKeducationCITY.net, providing schools with up-to-date information on IT security. We will continue to organise various activities such as seminars and workshops to promote knowledge of IT security in schools.


End/Wednesday, February 26, 2003


NNNN