In the world of Internet, various activities are being carried out in every second, such as remote working, online learning, e-banking, and online games, etc. In recent years, people’s awareness of cyber security is increasing. Besides, we also need to understand and comply with the requirements of relevant laws and regulations. With the Personal Data Protection Act., the Combating Computer Crime Law and the Cybersecurity Law coming into effect, relevant protections have been obtained in different fields. However, while the laws are established, the cooperation of all parties is needed in order to build a secure network environment.

Actually, information security is the shared responsibility. In the daily use of network resources, besides protecting your own safety, you also need to protect the safety of others, while you may have overlooked some important things. Here are some tips and information for your reference:

• Always pay attention to protect the personal data of yourself and others. When collecting, processing, storing and deleting personal data, you must pay attention to comply with the relevant applicable laws, policies and guidelines.
• Do not conduct or attempt to conduct any actions that endanger information security. For examples,
  • Deliberately spread spam mails, computer viruses and Trojan horse programs;
  • Use vulnerability of the website to gain benefits or steal someone’s personal data;
  • Unauthorized use of scanning tools to scan for vulnerabilities or intrusions on relevant networks without explicit consent or authorization of relevant persons or institutions. The Judicial Police pointed out whoever commits the above-mentioned actions which no matter either for a good or malicious intention, it is illegal even if there is nothing damaged or stolen.
• UM staff should not use communication tools or network services provided in public places to process any UM protected personal information and data. In addition, according to SAFP’s guideline, do not use personal email to process UM’s administrative information or data;
• If you need to provide IT systems, facilities and services to UM users, you need to comply with the Cybersecurity Law; In addition, in case you encounter any information security incident, you must notify ICTO as soon as possible, and provide necessary information for incident investigation.

• The Cybersecurity Law (Chinese) | (Portuguese)
• Combating Computer Crime Law (Chinese) | (Portuguese)
• Personal Data Protection Act (Chinese) | (Portuguese)
• Judicial Police - Legal Knowledge
• Acceptable Use Policy – ICTO Computing Facilities, Campus Network and Internet
• ICTO Infosec. Website