IT Security Everywhere || Product Square || Balanced Life || Free Ad || Pro Services || Member Club || Contact  || Home  || Back ||

The Only Independent Security Portal in Hong Kong

|| Legal Disclaimer ||

　Job Search Companies List & Links

Security Web Site Links in Hong Kong

PISA Professional Information Security Association

HKPC Information Security HKCERT Web Site

HKCS Hong Kong Computer Society Information Security SIG (ISSIG)

Types and Categories of Computer Crime

Military and Intelligence Attacks; Business Attacks; Financial Attacks; Terrorist Attacks; Grudge Attacks; Fun Attacks

HKSAR Government Virus Alert

Security News and Tips

Security Policy Internet Security Concerns

Digital Certificate CA in Hong Kong

Email Security

Email Spamming-Legal or Not? see Legal Highlighted

5 ways to guard against e-mail viruses? see Security Tips

Encryption Product License
The China Government has now clarified the implications of its State Council Order which requires foreign organizations or individuals using encryption products or equipment containing encryption technology in China to apply for permission. The range of products subject to control does not include wireless handsets, scanner software or Windows software. For enquires of product license in Hong Kong, please contact Trade Dept Hotline at 2398-5580 to 2398-5582. The license could be applied by your encryption product vendor or yourself.

Access Control what is security database? Intrusion Detection?

Personal Data (Privacy) Ordinance

Taking Precautions after you finish surfing the Internet !!!

(Permission given by the Crime Prevention Bureau, Hong Kong Police to
reproduce all of the following document for education only.)

PC Security 

Beware of your deleted files! It could be undeleted! How about your screen saver password? Your Internet browser password?

Laptop and Notebook Security

Survey responses show laptop theft is a serious problem (Jan 2001)

 Results of an informal TechRepublic survey show that although laptop security is a
major issue for the respondents, few companies have actually implemented
policies to address the problem. (courtesy of TechRepublic)

See the problems here

PDA / Palm Security

 PDA is not designed with security in mind. Until now, not many users and vendors know this is very important. There are a tremendous number of federal and enterprise Palm(TM) / PDA handheld computer users...Once the Palm handheld was found, by an unauthorized user or, even worse, by some ``bad guys'', they would have access to all the information on the Palm handheld... There are only a few software products. See some products information here. See the F-Secure Palm Virus Info Centre below.

Global Palm Virus Information Center

WAP Phone Security

WAP? G2 Security? G3 Security? Radiation?

F-Secure Announces World's First Anti-Virus Product for Wireless Information Devices

Network Security

SSL Security?

DDOS?

Recently several large e-commerce sites were attacked and temporally disabled with a type of Internet based denial of service attacks. These large scale or Distributed Denial of Service attacks was able to prevent legitimate users from accessing Internet based services. Asia Pacific e-commerce is expected to reach US$1 trillion by 2003. However, e-commerce companies have to prevent service outages due to DDoS if customers are to be expected to use the site.

These DDoS attacks can be very frustrating for traditional security organisation because they cannot be prevented by firewalls.

* Understanding how Denial of Service Attacks are Orchestrated
* Recognising programmes used to facilitate DoS attacks
* Applying measures to prevent DoS attacks
* Gathering forensic information if you suspect an attack
* Maintaining a secure defence against network based attacks

Can IDS detect hacking activities inside the network?

c

Business Continuity Best Practice

1. The Board of Directors annually reviews the business continuity program.
2. The responsibility for business continuity rests with a top executive.
3. A distince staff, with associated budget, performs the business continuity activities.
4. The business continuity function spans all aspects of the organisation.
5. Business continuity planning is a continuous process within the organization.
6. The organization maintains a comprehensive backup policy that includes all vital records.
7. Recovery strategies are in place and are based upon the impact that the loss of a business process would have upon the organization.
8. A recovery strategy-testing program is in place.
9. The recovery manual that documents the program is reasonably curent and available under all circumstances. The document is so structured so that an outside technical expert, unfamiliar with the organization could execute technical recovery strategies.

Risk Management

Security Products Links 
Get a Personal Firewall and Virus Protection software FREE? Yes!!

Legal Highlighted
Email Spamming-Legal or Not?

Job Security

for a job? Check here the Job Search Companies List & Links

What is the basic ethical standards of a IT Security Officer and the external Security Consultant??

Looking for hot IT Security jobs? (For my friends and readers)
What experience and qualification would be required for a security post? Why it is so difficult to find an experience security employee in Hong Kong? Are the personnel agents do not know the requirements or do not know what knowledge should be obtained for being a security pro? These are the questions need to be considered. In the coming articles, I will address the basic requirement of being a security professional and why it so hard to find these candidates. 

Perhaps the most important elements in successful careers in the security field are a commitment to lifelong learning and an 
interdisciplinary, wide-ranging curiosity. Security is an interesting field because it can benefit from so many different disciplines, including not only technical fields but also aspects of the human side of security.

M. E. Kabay, PhD, CISSP 
mkabay@atomictangerine.com
http://securityportal.com/kfiles/files/careersinis.html

  Hacker Glossary 

Those were the days!

The Passing History of hacker attacks, virus attacks and events

 How the Internet works? (Courtesy of What.Com)

Reference Books & Magazines

Cryptography and Network Security
A famous book using by many universities in Hong Kong. (May 2000)

Secrets & Lies

Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive. Pragmatic, interesting, and humorous, Schneier exposes the digital world and the realities of our networked society. He examines the entire system, from the reasons for technical insecurities to the minds behind malicious attacks. You'll be guided through the security war zone, and learn how to understand and arm yourself against the threats of our connected world. 

"The book is of value to anyone whose business depends on safe use of e-mail, the Web, or other networked communications. If that's not yet everybody, it soon will be."

-- Stephen H. Wildstrom 
Business Week

e-Commerce Security

> Save a lot of effort here so as to promote your website <
> Check registered domain name <
> Free submission for promotion <

Ask Me a Question ???
Reply in 1.5 days average.  

  Go to see my replies to Questions

Cyber 2005 A bi-weekly newsletter released by Sin Chung Kai, Legislative Councilor (IT) of Hong Kong acting as a bridge between the IT professionals and him as the IT representative in the Legislative Council. (Copyright Sin Chung Kai)

　\

Open Discussion Topic: Advertising Problem?

"I Love You", a malicious virus name, is now being used by CNN as an copyrighted ad in Hong Kong. Do you agree that CNN has the right to use this virus name as its promotion slogan?

Security in Picture

Swimming in 2000

2001 Access Control Evolution

Spend more time with your family

Free B2B

　c

I hope you know that Security is vital to your own private data and company information. Please bookmark this page and tell your friends about this portal now!

This page consists of up-to-date information with IT Security topics to raise the awareness on information security issues and to provide an independent advice to companies and individual facing security problems. This web page does not tie up with any vendors or Government body. Please send message to helpdesk@onenet.com.hk for any information you would like to announce. Chesky and Danny are invited by OneNet the editors of this page. They are working for international banks and consulting firms in Systems Security over 20 years experience.

Tell-A-Friend About this portal. The only independent update security portal in Hong Kong.

　  For suggestion, please helpdesk@onenet.com.hk

|| Product Square || Balanced Life || Free Ad || Pro Services || Member Club || Contact  || Home  || Back ||