-
Our Services
- New Industrialisation
-
IIOT
- IIOT
- Industrie 4.0 - Smart Enterprise
- Product Lifecycle Management Consultancy
- Intelligent Automatic Warehousing and Logistics
- Real-Time Manufacturing Tracking System
- Knowledge Based Engineering & CAD Solution
- Location Based Services and Location Analytics
- The HATCH
- Hong Kong Industrial Drone Technology Centre
-
AI & Robotics
- AI & Robotics
- AI Sheet Metal Surface Defect Detection Technology
- Product Innovation and Design Management
- Robotics Application
- Automation Feasibility Study
- 3D Automatic Processing
- Application and Research on Vision and Ultrasonic Inspection Assisted by Artificial Intelligence and Robotics
- Customized Intelligent and Cognition Automation Machine & System Development
- Autonomous Air-ground Cooperative Tunnel Inspector
- AR-Empowered Robot Control System (ARERC System)
- IoT-enabled Smart Toilet Bowl Cleaning System
- Novel Materials
-
Advanced Manufacturing Technology
- Advanced Manufacturing Technology
- 3D Scanning and Reverse Engineering Service
- Flexible Metallic Fiber Physical Porous Part Fabrication Technology
- Advanced Mould Cooling Technology and CAE Conformal Cooling Analysis
- Gas Atomisation Technology
- Dual Laser Metal Polishing Technology
- Advanced Additive Manufacturing, 3D Printing Technology, and Direct Manufacturing
- Diffusion Bonding Technology
- Electrically-Assisted Free Forming (EAFF) Technology for Customisation of Sheet Metal Parts
- Plastic Process and Machinery Technology
- Fashion and Garment Technology
- Computer Aided Technology (CAx)
- Watch Assembly Automation Technology
-
Digital Transformation
- Digital Transformation
- HKPC Digital DIY Portal
- 「FitEasy」Virtual Fitting Technology - For People with Disability
- Smart Solution
- Digital Transformation Support
- Research and Analytics
- Strategic IT Management
- Cyber Security
- Embedded Software System
- New Media and Learning Technology Development
- IT Industry Support
- DevOps Maturity Assessment and Consultancy Service
- Software Testing Automation Consultancy Service
- Blockchain Consulting Service
- Extended Reality (XR) technology and consultancy service
- Smart Living
-
Green Technology
- Green Technology
- HealthTech and Chinese Medicine
- Carbon Neutrality and Comprehensive Carbon Management
- Green Procurement
- Eco-Design & Manufacturing Consultancy Service
- Cleaner Production
- Advanced decolorisation process for landfill leachate
- Effective Utilisation of Resources
- Innovative Environmental Technology Development
- Food Technology
- Geron Technology
-
Corporate Sustainability
- Corporate Sustainability
- Manufacturing Technology (Tooling, Metals & Plastics) Recognition of Prior Learning (RPL) Mechanism
- Market Research and Analytics
- Business Innovation
- Sustainability-related standards and guidance
- Organization Innovation Capability Development
- ESG and Sustainability Services
- District Innovation
- Customer Service Assessment
- Intellectual Property (IP) Protection and Management
- Support to Creative Industries
- Manufacturing Standards Consultancy Service
- Production Capacity Optimization
- Cost of Quality
- Testing & Standards
- Price Concessions to SMEs
- Community
-
Support & Resource
- Technology Transfer
- SME Services
- Biz Expands Easy (BEE) Funding Portal
-
Support Centres
- Support Centres
- Celesphere
- Inno Space
- The HATCH
- Intellectual Property Services Centre
- Advanced Electronics Processing Technology Centre
- Green Living Laboratory
- Reliability Testing Centre
- Electromagnetic Compatibility Centre
- Plastics Technology Centre
- Smart Wearables, Watch & Clock Technology Centre
- Conformal Cooling Technology Centre
- Hong Kong Digital Testing Hub
- Hong Kong Industrial Drone Technology Centre
- Aqua Research Laboratory
- Advanced Materials and Intelligent Manufacturing Centre
- Hong Kong Joint Research Lab for Applications of Intelligent Automation Technology
- Future FoodTech Lab
- HKUST-HKPC Joint Research Lab for Industrial AI and Robotics
- Hong Kong Industrial Artificial Intelligence & Robotics Centre (FLAIR)
- Venues & Facilities
- Testing & Standards
- HKPC Spotlights
- HKPC Academy
- About US
-
LANGUAGE
Local Organizations Urged to Step up Access Management of Critical IT Systems
Some local companies and organizations failed to make sufficient provisions for the management of “privileged access” to critical IT systems and networks, leaving themselves exposed to hacking and insider attacks, according to a recent survey conducted by the Hong Kong Productivity Council (HKPC).
Commissioned by enterprise cyber security solutions provider SSH Communications Security, the survey covered the local use of privileged access, which allows internal staff or external partners to freely navigate an organization’s IT systems or networks and perform critical IT functions. Related security issues and management measures were also studied.
The survey found that 81% of respondents had applied audit and management on privileged access with enhancing security protection (78%) and compliance requirement (63%) as the two key reasons behind it. Despite the efforts, 18% still encountered privileged access related security issues such as external attacks or abuses of usage by internal staff.
Furthermore, 31% of respondents provided shared accounts with privileged access to internal staff or external partners. Among them, 25% did not impose additional security measures.
The survey also found that 61% of the respondents planned to invest on IT security in the coming 12 months. Those with more potential security exposure were more willing to invest on advanced security solutions.
Mr Wilson Wong, General Manager (IT and Business Process) of HKPC, warned that reports of large scale cyber attacks targeting overseas government, banks, retailers and utilities indicated that obtaining privileged access was usually one key step in the chain of attacks which aimed to cause greater damage. He said, “Besides, ransomware attacks can also find their way through taking control of privileged access. The victimized organizations may suffer from service disruption, data breach, financial loss, damage of reputation or even legal liability.”
He advised that enterprises should enhance privileged access management, especially those providing shared accounts for staff and those who give privileged access to IT outsourcing partners or cloud service providers. They should consolidate and centrally manage user identities and access. Privileged access should be logged, monitored and audited. The integration of privileged access management measures with security infrastructure such as intrusion detection and prevention systems, data leakage protection, security information event management can ensure comprehensive protection.
Conducted in December 2016, a total of 51 organizations, covering financing and insurance; logistics and transport; government and public bodies; import/export, wholesale and retail sectors, etc., were interviewed. They included listed companies, and non-listed companies with over 300 employees.
The full report of the “Study on Privileged Access Governance in Hong Kong Enterprises” can be downloaded from the following link: http://u.hkpc.org/hk_pag. For further information about the study and HKPC’s information security services, please contact Mr Leung Siu-Cheong at tel.: (852) 2788 5420 or email: scleung@hkpc.org. For other media enquiries, please contact Mr Felix Chan at tel. (852) 2788 5036 or email: felixchan@hkpc.org.
* * *
Mr Jonathan Ho
General Manager
Corporate Communication and Marketing
Tel: (852) 2788 6390
Fax: (852) 2788 5056
Email: jonathanho@hkpc.org
Website: www.hkpc.org
7 March 2017
Mr Wilson Wong, General Manager (IT and Business Process) (centre), Mr Wally Wong Consultant (IT and Business Process) of HKPC (left); and Mr Ricky Ho, Vice President, APAC of SSH Communications Security, present the findings of the “Study on Privileged Access Governance in Hong Kong Enterprises” and make recommendations on enhancing privileged access management
Mr Wilson Wong, General Manager (IT and Business Process) of HKPC
FOLLOW US
SUBSCRIBE TO OUR NEWSLETTERS
Share the latest information of HKPC to your inbox
SIGNUP NOW