Page 1



Microsoft Office 365 for Education for CityU Maria Chin The University has been providing email service for staff since the late 1980’s, and subsequently extended to students, alumni, and retired staff. As of December 2012, we are hosting a total of 150,000 email accounts with 6TB of email content, and these numbers will rise as email usages increase and more alumni being added every year. With the advancement in messaging technology, the University email services have undergone many changes, and to supplement the needs for on-line collaboration and e-learning, messaging solutions for education from Microsoft (Live@edu) and Google (Google Apps, integrated with the campus e-Learning system) were introduced to staff and students in 2010. In 2011, we have started migrating staff email accounts to the Microsoft Exchange Server with an aim to soon phase out the aging staff email service which is based on Sun Java System Messaging Server. On the other hand, to speed up the email service revamps for students, alumni and retired staff, like many institutions, outsourcing the services to messaging service providers was decided, and in December 2011 the SaaS model was first adopted for the email service for the retired staff and was moved to Google Mail.

Microsoft Office 365 for Education Microsoft (hereafter referred to as MS) released MS Office 365 in mid 2011 to succeed its Business Productivity Online Suite (BPOS). MS Office 365 is a commercial software plus services1 where various MS server products are delivered and accessed over the Internet, i.e. cloud computing services. MS Office 365 for Education2 (hereafter referred to as Office 365) is Microsoft education solution that delivers the productivities of cloud computing to educational institutions, and it is designed to replace MS Live@edu. Office 365 comes in various academic plans and CityU has planned to first deploy MS Exchange Online (hereafter referred to as Exchange Online) to replace our student email service. Exchange Online is an email, calendar and contacts solution protected by built-in antivirus and anti-spam filters, and each user is provided with 25GB disk storage. Students can access the familiar interface



be mindful to the possible changes in service levels and offerings by outsourced vendors, and to stay close to technologies standards as such user content can be ported easily from one vendor to another, and if necessary, be re-established on campus.

Preparation for deploying Office 365 The Computing Services Centre partners with Microsoft Premier Service to deploy Office 365, and initially Exchange Online for CityU. The deployment mainly includes readiness assessments, customization development, and roll out preparation.

of Exchange Online via web browsers, mobile devices and email clients anywhere anytime. According to Microsoft, the servers for hosting Office 365 for local institutions are located in both Hong Kong and Singapore to provide service redundancy and reliability. Instance messaging, web conferencing, document sharing and collaboration are features also found in Office 365 which compresses MS Lync Online, MS SharePoint Online, and MS Office Web Apps. These services will be deployed in CityU as our students are adapted to Exchange Online; moreover, some applications for the new components are defined so as to exploit their functions and features for teaching and learning purposes. For even richer features, institutions may consider subscribing to Office 365 premium academic plans which include a more comprehensive MS Office Suite, download of MS Office Professional Plus, advanced voicemail and voice features, etc.

Why Office 365 for CityU? Office 365 is brought into CityU to modernize the email services for

students, and to offer a common platform for social-learning and peernetworking; it also answers the disk storage need for the huge volume of emails and files exchange amongst students and their professors. Office 365’s continuous supply of trendy features will enable our students to stay in tune with the forever evolving communication and social networking features where resources, e.g. disk storage, service availability, etc., that are supported by the virtualized server architecture are just about infinite. Office 365’s Office Professional Plus option allows subscribers to download MS Office Professional Plus to local PCs for working offline, which can be considered as a replacement to the existing Microsoft Student Option (MOS)3 provided by the University to students. Considering service reliance, Microsoft’s Trust Center4 announced in December 2011 has declared Office 365 compliances with EU privacy regulations for protecting user data security and user data privacy. It is demanding for an institution to deploy and maintain campus IT services at such scale and dynamic, and hence outsourcing is a sound solution. Nevertheless, we have to

The readiness assessments include assessing the campus user IT environments, and the capacities of the campus network and Internet access. The readiness assessments ensure that users’ PCs are adequately sized and are running on the required versions of operating systems and browser applications, and to make certain that sufficient network bandwidths to and fro the cloud service are available for optimal user experience. Redundant server and disaster recovery plan for critical on-campus servers, e.g. the Active Directory Federation Services (ADFS) for user authentication, are also designed and set up to ensure service integrity. To administer user accounts on Exchange Online, customization is required to synchronize CityU user accounts information to the cloud service. Each Office 365 user will be provided with a unified Office 365 login account name “<EID>-c” where “-c”, dash c, stands for external cloud service. The email address notations are “<EID>” and “<Email Alias>”. For security reason only the user account name, name of user, email alias, and account validity will be passed to Exchange Online for account maintenance, and the account

Issue 10 • Jan 2013

password will not be passed and instead the ADFS has been implemented to facilitate password checking against the University’s local Activate Directory (AD). User account management on Exchange Online will adhere to the University’s established policies and life-cycle for email account so as to retain the service management and governance in practice. Last but not the least, to rollout Exchange Online, it is important to prepare and streamline the front line help desk teams and the backend technical teams both on campus and at Microsoft so as to assist users who may need help to transit to Exchange Online, and FAQs and briefing sessions are inevitable.

Implementation plan It is planned to first deploy Exchange Online for all students in Semester B of 2012/2013. New students will only be given Exchange Online accounts. A period will be provided to existing students to transit to Exchange Online. During the transition period, new student email accounts ( hk) and old student email accounts (@ will run in parallel. All new emails sent to old student email accounts will automatically be copied to respective new student email accounts, meaning that students can read new emails in both of their new and old accounts and they should not miss any email. However, students are reminded that emails sent directly to their Office 365 email addresses can only be seen in their Office 365 accounts but not in their old email accounts. After the parallel run, all old student email accounts will become read-only, and students will be able to log in their old email accounts just to retrieve old emails stored there but not to receive or send emails there. All new emails sent to students’ old email addresses will be redirected and only be received and seen in student Office 365 accounts. Subsequently, the old system will stop service and be removed. Students can continue to use the same Office 365 Exchange Online email addresses and accounts as their alumni email accounts when they graduate. It is also planned to replace the in-house alumni email service with Office 365 Exchange Online. As the number of

alumni email accounts involved is close to a hundred thousand, more discussions on the changeover are required. The University email for staff remains to be serviced by the in-house MS Exchange system ( and Efforts will be focused to support the roll out of Office 365 for student and the service will be open for staff at a later time. Software plus Services (S+S) combines hosted services with locally running software, and such composite applications combine traditional software with remote services, which provides a consistent user experience across devices and form factors, supports working offline and synchronization to the cloud service for storage and sharing, also allows institution to deploy software in various configurations—on premise, hosted or mixed. 2 More information on Microsoft Office 365 for Education is available at en-hk/office365/education/school-services.aspx 3 CityU has introduced a Student Option under the Microsoft’s Campus Agreement (MSO) that allows eligible students to use the Microsoft Office Prof Plus or Microsoft Office MacStd on their personally owned computers. 4 More information on Microsoft’s Trust Centre is available at office365/trust-center.aspx. 1

Reference: “User Provisioning for the Microsoft Office 365 Cloud Service” at articles/Pages/ActiveDirectoryPreparationforOffice365.aspx.


In the News Office of the CIO The 2012 November issue of the Business Quotient Journal (part of the Linux Pilot Magazine – a leading Chinese language magazine on Linux and open source technologies in Hong Kong) interviewed Dr. Andy Chun, CityU’s CIO, on how the University is leveraging IT to enhance our students’ competitiveness as well as other current IT topics and trends. In the magazine interview, Dr. Chun explained how the University is equipping students with 21st century skills through the university’s “Discovery-enriched Curriculum”® (DEC) and its “Discover & Innovate @

CityU”® strategy. He also talked about the University’s recent success with mobile-learning and its campus-wide wifi infrastructure that supports it – providing “always on” learning. When asked about the University’s IPv6 strategy, he pointed out that CityU was one of the pioneers in this area, supporting IPv6 for over a decade already. Dr. Andy Chun, being a specialist in Artificial Intelligence (AI), explained that AI is now embedded in many of our systems to help decision making. He also highlighted the University’s cloud and big data directions. Looking ahead, Dr. Chun

outlined the current trends in Massive Open Online Course (MOOC) in the higher education industry making education freely available to everyone, as well as Software Defined Network (SDN) developments which gives enterprise infrastructure greater flexibility and efficiency. The full article can be read at: bqjournal/docs/bqj23





Overview of Security Information and Event Management (SIEM) – Part II Alex Lam 3.2 Architecture of a SIEM system In this section, we will show the architecture of a SIEM system. The architecture is explained via a walkthrough of the transformation of a raw log/event entry from its source device to a meaningful event in the SIEM dashboard. The architecture of a SIEM, as shown in figure 3 below, consists of five stages. Figure 3 – Transformation of Raw Events to Meaningful Alarm by SIEM

3.3 Details of SIEM processing The purposes and functions of each stage of SIEM are discussed as follows:

Stage 1 – Setup of Raw Event Source • Event sources are configured to forward the raw log/event to an event collector called SIEM connector • Possible event sources are – Windows Server – Network Device (Router, Switches, Firewall, IPS, etc.) – Application server (Web Server, Database Server, etc.)

Stage 2 – Raw Event Collection • Events are to be configured and collected by one or more SIEM collector(s) • The functions performed by collector(s) are: – Event Aggregation: – Grouping of repeated raw events into a single event entry – Event Filtering: – Removing of events that are not meaningful or irrelvent for further processing – The goals of this phase are: – Use multiple collectors to scale up the performance of event collection – Enhance the performance by removing duplicated or unused events

Stage 3 – Event Normalization and Categorization • The events from different devices or brands are stored in different formats • The collector performs the following operations to ease subseqent event processing • Event Categorization: – Classifying events of the same type but from different device / brand into a common event category. e.g. Port Scanning event detected from firewall and IPS – Event Normization: – Converting event entry classified as the same category into a common event format for further processing

Issue 10 • Jan 2013




Stage 4 – Event Correlation • SIEM system generates correlated events and alarms based on the following information – Business Knowledge (User Database, Network Address defintion, Asset Model) – Corrleation Rules and Logics – Normalized and Categoried Events collected from early stages • Without correlation, administrator needs to check the incident from multiple event log manually. It is not possible to provide quick identification of a multi-state attack, such as the Botnet attack, which is very common in Figure 4 – Correlation of events from multiple event sources recent years. • The correlated events as well as the raw log can be stored in a common pool for long retention

Stage 5 – Service Status Presentation • A unified dashboard showing the following information – Real-Time service and security alarms – Real-Time service status – Service and Standard compliance After showing various stages of the event processing in a SIEM system, figure 5 below provides a visual summary of the event processing in SIEM.

4. Benefits of SIEM deployment With the deployment of SIEM, it helps solve the current challenges of the complication of traditional event processing. The benefits of the SIEM deployment are shown as follows: 1. Flexible and Scalable solution for heavy loaded event processing • With the use of additonal connectors, the SIEM solution can be scaled up when there is an increased in the events to be processed • The connectors, which are tailored to understand the format and meaning of specific type of event, can extract as much as event details as possible in this early phase of event collection. This makes subsequent event processing more effective

Figure 5 – Summary of event processing of SIEM system

2. Provide a Central storage pool for event and log • The SIEM solution provides a managed central storage pool for either the raw log or consolidated event

Issue 10 • Jan 2013

• The central storage satifies the long term event retention requirements for security standard and regulatory compliance 3. Correlate events from disparate systems • The capability of categorization and normalization of events, which are stored in centralized pool, allows events from disparated sources be correlated effectively • The event correlation provides the solution to quickly identify a single security event out of millions of event entries

instantly without some special software tools. In addition, there is no easy way to provide a central dashboard showing the security and service status.

4. Provide a single security and service Dashboard • Provide a single dashboard for showing overall status of service, security level and standard compliance

The SIEM solution described in this article can help solve the above limitation in traditional event processing. With the use of multiple collectors, event categorization, event normalization and correlation of events from disparate system, the SIEM can effectively and quickly identify critical event or security incident. In addition, the SIEM can provide a single dashboard to display the security alarm as well as service and standard compliance status. All these benefits will make a better IT service and security management.

5. Conclusion Modern IT services are complicated to manage due to involvement of multiple disparate components either simultaneously or in high speed. As a result, the monitoring of the health, security and service status of an IT service requires the processing of many different event entries stored in different formats and in disparate systems. Critical security events may not be detected


CityU Received 2012 FutureGov Awards Office of the CIO The 2012 FutureGov Award is the sixth annual Asia Pacific award for government transformation – celebrating the successes of the region’s most forward-looking government organizations, including health care and higher education. According to FutureGov, the awards are “the international benchmark by which public sector innovation is judged – uniquely celebrating agency and project success.” This year, the City University of Hong Kong received the “2012 FutureGov Award” for the top “Digital Inclusion” project in this region. Our “University-

The 2012 FutureGov Award for Digital Inclusion went to the City University of Hong Kong.

wide Mobile Web Project” involved revamping CityU’s entire public web, spanning over a hundred individual websites and over half a million web pages, to be Web accessible for the disabled, including the blind, through assistive devices such as screen readers and Braille devices. This tremendous effort was driven by special technology innovations created at CityU that streamlined the conversion process making it very manageable and effective. This project would not have been possible without the hard work and dedication of close to two hundred IT and non-IT staff across all CityU departments and units. In addition, CityU was also shortlisted for the “Education Organization of the Year” for its mobile-learning efforts, as well as the “Wireless Government” award for making its web pages mobile-friendly. The FutureGov awards were judged by a panel of peers, including senior officials and technologists drawn from within and

Dr. Andy Chun receiving the 2012 FutureGov Award on behalf of the City University of Hong Kong.

beyond the Asia Pacific region. In total there were over 650 nominations, and 93 finalists, competing for the 23 award categories. This year, there were only 2 award winners from the Greater China region. Besides CityU, the Hong Kong Police received the “North Asia Public Sector Organization of the Year” award. On behalf of the University, Dr Andy Chun, CIO for CityU, received the 2012 FutureGov Award for Digital Inclusion from Mr James Smith, Managing Editor of FutureGov Magazine at a gala award celebration dinner in Chiang Mai, Thailand. Dr. Andy Chun, commented: “The FutureGov Award is a special recognition by our fellow peers in the Asia Pacific region. Unlike other awards, this is dedicated purely to the public sector. Project benefits are not measured in dollar amounts but value it brings to citizens. The award once again reinforces CityU’s IT leadership in this region.”





E-Learning Championship Series (1) K.P. Mark, Angel Lu Improving Classroom Experience and Cultural Awareness Technology has never been so close to our daily lives. From our smartphones to the satellites overhead, the applications of technology bring along different revolutions to reshape our lives in ways unimaginable only years ago. Starting from this issue, the OCIO Newsletter will be inviting teaching staff members from different departments in the University to share their insights and experience on how technology has led us into a new era of teaching and learning in tertiary education. The first issue starts with two senior faculty members who have been actively adopting a variety of educational technologies for more than a decade: Professor Douglas R. Vogel (DBA Programme Director) from Department of Information Systems, and Professor Lilian L.P. Vrijmoed (Teaching Excellence Award Winner 1996/97, 2003/04) from Department of Biology and Chemistry (BCH). In this issue, we are going to showcase different e-learning applications adopted by Prof. Vogel and Prof.

Professor Vogel using Echo360 in IS Lab

Vrijmoed to foster effective student learning.

Timely feedback between instructors and students Providing timely feedback from students to instructors and vice versa during the learning process is one of the key success elements to achieving intended learning outcomes. Thus, a mechanism to facilitate the interactions between instructors and students will not only help instructors realize and tackle students’ problems as soon as possible, but it also enhances students’ deeper engagement and interests in the course. For example, Prof. Vrijmoed used the survey software Qualtrics to operate the “minute paper” (Angelo and Cross, 1993) at the end of each lecture via the Blackboard Mobile Apps for mobile devices such as the iPod Touch and smart phones. It can provide instant and flashing feedback, which is very effective for microbiology learning. The in-class assessment activity encourages students to identify the “muddiest” concepts perceived at the end of each class. These “muddiest” concepts will then be categorized according to different areas and be used as discussion topics either in the next teaching session or through the online discussion board. This two-way feedback mechanism benefits both the instructors and the students; the instructors can gauge the learning of the students and clarify muddy concepts in a timely manner. As

Professor Virjmoed explaining how she adopted mobile devices in her courses to facilitate outside classroom learning.

observed, student’s capability in raising questions has been improved. On the one hand, they showed more confident in posing questions without feeling embarrassed, or not asking smart questions. On the other hand, students generated questions that demanded higher cognitive thinking as the course progressed. In another case, research students from Prof. Vogel also enjoy the benefits of timely feedback. Thanks to the application of Echo360. Echo360 can be used to capture class presentation, seminars and workshops in courses, and provide a reliable way for post event viewing. The recordings are now extended to students’ presentations for their own reviews and reflections. Such system not only shortens the time of acquiring knowledge, but also facilitates a peer learning experience for students across campuses in Hong Kong, Suzhou, Hefei and Shenzhen. Full integration of Echo360 is adopted in Prof. Vogel’s research courses in College of Business (CB) in the coming semester, in which class capturing will play an important role in pre-class, in-class and post-class activities. All

Issue 10 • Jan 2013

the captured clips, including students’ presentations on their thesis topic, will be published on the BlackBoard course site to allow feedback to be provided by both the instructor and their peers as well as their supervisor.

Linking classroom knowledge with real-life experience Prof. Vrijmoed adopts the blog and wiki functions in BlackBoard as the platform for co-operative learning and peer collaboration amongst students in the undergraduate microbiology courses. The idea of taking pictures or videos related to microbiology in everyday life using the iPod Touch or smart phones appealed to students. The mobility of such popular gadgets stimulated students’ interests/motives to capture any ad-hoc interesting observations or discoveries and post them up onto the course multimedia blog/ wiki page. Students who joined a trip to Norway last year even “took it to the next level” by sharing thought provocative observations that were related to Norway’s “culture” on the blog by their iPod Touch. Students are now experiencing more than just concepts of the subject area from textbooks or the internet, but have developed a “discovery” attitude and “internalized” how classroom knowledge is closely connected with their surroundings and daily activities. The design of the assignment facilitated students to participate in the sharing and peer commenting process and motivated them to turn to the natural environment to apply the knowledge learned in the classroom. From focused group discussions after the completion of the assignments, students expressed that their ‘awareness” of microbiologyrelated activities / phenomena was heightened. This is evidence of a teaching and learning activity helping to nurture students’ curiosity and observation skills which are important attributes to develop the “discovery attitude”, one of the three aspects in

the Discovery-enriched curriculum. Another observation derived from these e-learning learning activities was that there was an indication that students’ participation and networking via the e-platform reflect their subsequent success in the Students on a field trip with Professor Virjmoed using final summative assessment mobile devices grading. A project supported by TDG funding is being working attitudes and different ways of undertaken to develop a diagnosis communication. They took advantage tool that aims to evaluate students’ of the multicultural environment to involvement and social network in explore new problems out of the local mobile learning activities. This provides context and to think of innovative a useful quantitative metric for solutions. evaluating students’ learning behavior. Early warnings will be triggered to Undergraduate students in BCH remind instructors to help students also benefited from Prof. Vrijmoed’s who are in need of learning support e-learning activities in the annual before it is too late. overseas study programme. Prof. Vrijmoed encourages students to be Tasting the real multicultural aware of the cultural difference between experience Hong Kong and the destination country. In a modern IT-based multinational With the help from mobile devices, organisation, working with colleagues students could capture, share and geographically apart through different discuss their interesting observations communication technologies becomes easily and instantly with their peers. a norm. Prof. Vogel helps students Students captured a variety of to break the country and cultural observations, e.g., food, daily activities, barriers by utilizing Second Life, a natural scenery, and reflected on why famous 3D virtual world platform, in and how the difference was made. teaching and learning with virtual teams from International partners in After all, the design of effective the Netherlands and the United States. teaching and learning activities is not Students from each of the participating an easy, one-off task. Sharing good institutions were assigned in different teaching practices are crucial because virtual teams to work on a global this can enhance the capability of e-Commerce system to analyze issues effective delivery and skills in acquiring and design solutions. Ultimately, they knowledge effectively. Thankfully were required to deliver an e-Book technology has played a major role comprising the findings from their to ease learning and make teaching research, which simulated the real IT convenient. More innovative ideas workplace in which workers need to are brought alive and shared by work with international colleagues to the employment of cutting-edged deliver solutions. Students enjoyed technology in the next issue. Stay tuned! this international collaboration since T.A. Angelo and K. P. Cross, 1993. Classroom they had the opportunity to be aware Assessment Techniques, 2nd ed. San of cultural differences, in terms of Francisco: Jossey-Bass. p.148-53.





DEC Computing Labs for Student-Centric Hybrid Learning Andy Chun

Ever since the first institution of higher education was established over a thousand years ago, the way universities around the world have been providing education basically remained unchanged – in large lecture halls with passive students facing the teacher, receiving a unidirectional lecture in a totally teacher-centric environment. Interestingly, Figure 1 is an oil painting from the 1350s [1], showing how little has changed over the years in classroom dynamics – attentive front rows, talkative back rows, and some students dozing off. Some educators believe this “teachercentric” model need to be changed if we would like to prepare students for a 21st century knowledge-based society, which emphasizes collaboration, teamwork, communication, creativity, problem solving, critical thinking, etc. – all attributes of the CityU ideal graduate. In 2010, the US Department of Education issued its “National Education Technology Plan 2010” [2] – “Transforming American Education: Learning Powered by Technology.” The plan describes a “student-centric” model, where teachers are facilitators in the overall learning experience supported by technology; engaging and empowering students is a leading goal. In a recent book by Prof. Clayton Christensen, the “Disrupting Class,” [3] he also highlights “student-centric” changes that are necessary to keep teaching/learning competitive with global market needs, such as studentcentric classrooms, personalized learning, etc. It is evident that students learn better if they actively participate in the learning process and take ownership of their own learning.

Figure 1. “Henricus de Alemannia Lecturing his Students,” from Laurentius de Voltolina, Liber ethicorum des Henricus de Alemannia (1350s)

Several years ago, MIT noticed that in many of its traditional large lectures, attendance rate was less than half the class, frequently only 40% of the students would show up for class. Failure rate was 10% or even higher. MIT decided to re-think and re-design their lectures. Mixing technology, pedagogy, and classroom design, MIT created a “Technology Enabled Active Learning” (TEAL) environment [4]. Instead of large forward-facing lecture halls, TEAL environments are studentcentric designed to allow students to actively work in teams to solve authentic problems, guided by teachers as facilitators. Many other Universities around the world are also transforming their lectures to these new student-centric environments. Harvard Business

School’s new “Hive” classroom [5] is another example. Instead of lecture halls, students learn and work in teams in a highly reconfigurable learning space. CityU’s Computing Services Centre (CSC) is also supporting these new pedagogies through the development of several “DEC Computing Labs,” which provide reconfigurable learning environments that facilitates teamwork and problem solving. Figure 2 shows one such classroom. The “DEC Computing Labs” provide innovative teaching/learning spaces to support a wide variety of modern pedagogical methodologies in the teaching of computing-related subjects. The learning areas are designed to be re-configurable to suit different

Issue 10 • Jan 2013

teaching/learning needs. Furniture items are rearrange-able so that students can dynamically form teams of ad hoc sizes. Team-based discussion is facilitated by workspaces/tables with monitors for students to share their work. The four walls are all writable surfaces to facilitate brainstorming and discussion, or the posting of notes. Walls also double as multi-media display surfaces. The rooms are equipped with different wireless computing devices, such as tablets and game consoles, to suit different teaching needs. The “DEC Computing Lab” is part of our pilot project to revolutionize learning spaces for teaching computingrelated subjects. Two of these rooms are designed in conjunction with the Computer Science Department (CS), which uses them to teach college core courses for the College of Science and Engineering and the School of Creative Media. Roughly 1,400 students will benefit from the current 2012/2013 pilot project. The “DEC Computing Lab” can also be used to support the new “flipped classroom” model of teaching. According to Wikipedia [6]:

“Flip teaching (or flipped classroom) is a form of blended learning which encompasses any use of technology to leverage the learning in a classroom, so a teacher can spend more time interacting with students instead of lecturing. This is most commonly being done using teacher-created videos that students view outside of class time. It is also known as backwards classroom, reverse instruction, flipping the classroom, and reverse teaching. The traditional pattern of teaching has been to assign students to read a section of a textbook after-school, which will then be discussed the next day in class. Student would then be assigned an assessment for homework to demonstrate their mastery of the topic. In flip teaching, the student first studies the topic by himself, typically using video lessons created by the instructor or shared by another educator, such as those provided by the Khan Academy. In the classroom, the pupil then tries to apply the knowledge by solving problems and doing practical work. The role of the classroom teacher is then to tutor the student when they become stuck, rather than to impart the initial lesson. This allows time inside the class to be used for additional learning-based activities, including use

of differentiated instruction and projectbased learning. Flip teaching allows more hands-on time with the instructor guiding the students, allowing them to assist the students when they are assimilating information and creating new ideas (upper end of Bloom’s Taxonomy).” The “DEC Computing Lab” environment conveniently supports “flipped classroom” student-centric projectbased learning activities to be set up. In addition, the University provides Echo360 lecture-capturing facilities for academic staff to record their lectures before classes so that students can view them beforehand in the flipped model. In addition, a software-based video recording facility is available to all academic staff so that they can produce videos of lecture on a desktop computer with a standard webcam. The University also has several “video booths” to allow students to record their own presentations to improve their own presentation skills. These new facilities and technologies allow CityU academic staff to pursue different models of model teaching pedagogies, providing a truly studentcentric learning experience that better prepares our students to face 21st century challenges.

Reference: [1] “Lecture of Henricus de Alemania” – http:// htmdescriptionpages/18lecture.htm [2] “National Education Technology Plan 2010” – http:// [3] Clayton Christensen, “Disrupting Class” – http://www. [4] TEAL: Technology-Enhanced Active Learning – http:// [5] Welcome To The ‘Hive’: Harvard’s New Classroom – [6] Flip Teaching – teaching

Figure 2. Typical set up of the CityU DEC Computing Labs





Discovery-enriched Curriculum (DEC) Labs to Enhance Teaching and Learning (Previously published in Network Computing, 10/12/2012)

Joe Lee In response to the University’s emphasis on Discovery & Innovation and the subsequent implementation of Discovery-enriched Curriculum (DEC) in academic year 2012-13, the Chief Information Officer together with the Department of Computer Science (CS) proposed to set up a few DEC Labs for academic departments to conduct courses which empower students to discover and innovate, and the proposal was subsequently approved by senior management. The objective of setting up these DEC Labs is to provide innovative teaching/learning spaces to support a wide variety of

modern pedagogical methodologies in the teaching of computing-related subjects. In order to suit different teaching/learning needs, the DEC Labs feature special interior design and make use of advanced technologies including • the learning areas are re-configurable; • furniture is re-arrangeable so that students can dynamically form groups of ad hoc sizes and restore to rows for classroom teaching in a minute or two (see photos below); • the four walls are all writable surfaces to facilitate brainstorming, discussion, or posting of notes;

Different combinations of node chairs to suit learning needs

• different wireless computing devices are equipped to stimulate students on innovative thinking; and • multiple TVs support advanced mobile devices for idea presentation and knowledge sharing. Below is a list of some notable hardware, accessories and furniture inside the DEC Labs: • LG 42” 3D LED-LCD TV • DELL XPS 14 Ultrabook • Samsung Galaxy Tab2 7.0 • MacBook Pro/Air • Microsoft Kinect Sensor • Steelcase Node Chair

Issue 10 â&#x20AC;˘ Jan 2013


DegreeWorks â&#x20AC;&#x201C; The Platform for Academic Advising Portia Cheung, Mil Leung 2012 marked the first cohort of HKDSE students being admitted to normative 4-year undergraduate degrees in Hong Kong. It also marked the full implementation of academic advising and the full launch of DegreeWorks at CityU. Under the 4-year undergraduate degrees, students are admitted with an undeclared major into Colleges/ Schools. They will then select their major after the first year of study. Academic advising plays a vital role in helping students shape their study path and lead a meaningful University life. At CityU, each entering student is assigned one academic staff member as Advisor. Students will meet their Advisors at least once a semester for advice on course selection, program selection, study skills, professional development, etc. A good academic advising software is critical to the success in academic advising.

2010, second phase in 2011, and finally the full launch in 2012. It has now replaced the old degree audit module of Banner (CAPP) as the degree audit and academic advising software for all new students in 2012. As of December 2012, over 15,000 students at undergraduate and postgraduate levels are eligible users of the software.

DegreeWorks has several distinctive features that are essential for academic advising. The Advising Worksheet helps advisors explain the curriculum requirements clearly to students. The What-if function allows students and advisors to try out different combinations of majors and minors and view the requirements under different study options instantly. The Notes function allows advisors to record the advice given to students. Advisors and administrators can therefore have the full picture of the advising history of the students.

A new feature introduced in the full launch in 2012 is the Planner function. The Planner function allows students to put in the courses they intend to take in future terms by a simple drag and drop action. While Planner facilitates the discussion of study plan in an advising session, it also collects course demand information from students. Based on the web reports that the ARRO and the ESU have developed, academic units can make use of the course demand summary information from Planner to facilitate them in planning their course offerings for the next class scheduling exercise.

DegreeWorks was implemented at CityU in three phases: pilot run in

To help users learn the various features of DegreeWorks, we have

launched a series of training sessions and workshops. In 2010 and 2011, five functional training sessions were held to introduce DegreeWorks to the University community. In 2012, to prepare for the full launch of DegreeWorks, three functional training sessions were conducted for advisors and administrators during 16 to 18 October 2012. Another workshop for Advising Coordinators was held on 12 December 2012 for a more in-depth discussion and experience sharing on the use of DegreeWorks. Thanks to the support and the active participation of all the attendees in these training and workshops, a lot of constructive feedback and suggestions were received. We hope all students and advisors will find DegreeWorks useful. We welcome feedback from users. The project team, including colleagues from the ARRO, the ESU and the SGS, will strive for continuous improvement of DegreeWorks to meet the needs of the University community.




IT Security Awareness Series by JUCC With an aim to enhancing the IT security awareness of the CityU community, the KPMG was commissioned by the Joint Universities Computer Centre (JUCC) to prepare a series of articles on IT security and they will be adopted and published here for your reference.

IT Outsourcing I. Background Why IT Outsourcing? With today’s economic conditions providing severe challenges in various industries including the education industry, more companies are evaluating the effective use of external providers to help them support and expand their IT organizations. The following technology and industry trends reshape some of the ways in which companies operate and are in turn helping to support the increased use of outsourcing: • Cost savings: Today’s global economic crisis is inspiring companies to explore ways to reduce their operating costs and improve efficiencies. • Sustainable IT: To expand the computing power or IT resources without making larger investments in buying hardware or spending more on IT infrastructure costs, outsourcing can help consolidate and virtualise the infrastructure and purchase IT capacity to produce a lower total cost of ownership. • Flexibility: Instead of merely seeking the lowest cost, more sophisticated approach of outsourcing is to blend flexible capacities from a range of outsourcers in diverse locations into an effective, customised mix that addresses the information and communication needs.

What are the IT Outsourcing risks? – Fast pace of change in technology use is leaving businesses at risk As organisations are looking for ways to cut their IT costs, they have increasingly turned to external providers who host applications on their behalf. These services, including software as a service (SaaS), are

now used by over majority of the organisations polled. At the same time that companies are increasing their dependence on other organisations for their IT services, there has been an explosion of new cyber attacks. 61 percent of large organisations have detected attempts to break into their network in 2009, twice as many as two years ago. Worryingly, only 17 percent of those with highly confidential data at external providers ensure that it is encrypted. Outsourcing IT services does not make the security risk go away, but few companies are taking enough steps to ensure their outsourced services are not vulnerable to attack.

II. Management Shifting a function to outsourcing can be beneficial to the university because of cost saving and flexibility. Nevertheless, management has the primary responsibility to oversee the outsourcing activities and ensure the risks associated with outsourcing are managed in order to maximize the benefit of outsourcing.

Roles and Responsibilities From the information security perspective, management is responsible for assessing the risks associated with the outsourcing activities, overseeing the vendor selection process, designating function owners for the outsourced functions, and ensuring that information security policies and procedures are followed. Management should designate function owners for each outsourced function to manage the operational risks of the outsourcing activity.

Assessing Outsourcing Risks Prior to the establishment of outsourcing relationship, management should decide whether the university will benefit from the outsourcing based on the risk assessment performed by the function owners. In the risk assessment, business operation and information security aspects should be taken into account. If the risks involved are assessed as high while the commercial benefits are marginal, management should not outsource the function.

Choosing an Outsourcer Aligning the University’s outsourcing objectives with the outsourcer’s business models is a key success factors in IT outsourcing. Managing outsourcer is completely different from managing an in-house team. The outsourcers have their own agenda and objectives. When selecting an outsourcer, the following criteria should be taken into account: • Company’s reputation and history; • Quality of services provided to other customers, particularly the education sector; • Number and competence of staff and managers; • Financial stability of the company and commercial record; • Retention rates of the company’s employees; and • Professional standards followed regarding quality assurance and security management.

IT Outsourcing Contract A formal contract between the university and the outsourcer shall exist to protect both parties.

Issue 10 • Jan 2013

To prepare the contract, operational staff and function owners should be involved to help create performance metrics and statements of work so as to measure what is restricted to the university operations. The requirements and expectations of end users and affected functions should be considered in developing the contract. For information security, the types of information exchanged and the purpose for information exchange should be clearly defined in the contract. A binding confidentiality agreement shall be in place if the information being exchanged is sensitive. Based on the risk assessment result, additional controls should be referenced in the contract, for example: • Legal, regulatory and other third party obligations, such as: – Data protection or privacy laws for Hong Kong. • Information security obligations and controls, such as: – Information security policies, procedures, standards and guidelines; – Background checks on employees or third parties working on the outsourcing contract; – Access controls to prevent unauthorised disclosure, restrict modification or destruction of information; – Information security incident management procedures; – Return or destroy all of the university’s information assets by the outsourcer after completion; – Protection of intellectual property shared with the outsourcer, e.g. copyright and patents own by the university; – Specification, design, development, testing, implementation, configuration, management, maintenance, support and use of security controls associated with IT systems; – Anti-malware, anti-spam and similar controls; and

– IT change and configuration management practices and controls.

III. General Users (Function Owners) Roles and Responsibilities

Designated owners of outsourced functions are responsible for assessing and managing the business and security risks associated with outsourcing, working in conjunction with Information Security, Legal and other functions as necessary.

Risk Assessment The function owner shall assess the risks before the function or process is outsourced. The risk assessment shall include the following considerations: • nature of logical and physical access to university’s information assets and facilities required by the outsourcer to fulfil the contract; • sensitivity, volume and value of any information assets involved; • commercial risks, such as the possibility of the break down of outsourcer’s business, the failure to meet agreed service levels; and • outsourcer’s security and commercial controls currently in place. After the completion of the risk assessment, the results shall be presented to management for reviewing and approval of the risk and benefit for outsourcing.

Change in Operation The outsourcing of a function changes the work of hands-on operational staff radically. In turn, the staff has to manage and monitor the work of outsourcer and develop metrics to measure the performance of the outsourcer accurately. Function owners work as the communication medium between the outsourcer and management. They have to maintain open lines of communication, and ensure that the objectives of the management are achieved.

Copyright Statement All material in this document is, unless otherwise stated, the property of the Joint Universities Computer Centre (“JUCC”). Copyright and other intellectual property laws protect these materials. Reproduction or retransmission of the materials, in whole or in part, in any manner, without the prior written consent of the copyright holder, is a violation of copyright law. A single copy of the materials available through this document may be made, solely for personal, noncommercial use. Individuals must preserve any copyright or other notices contained in or associated with them. Users may not distribute such copies to others, whether or not in electronic form, whether or not for a charge or other consideration, without prior written consent of the copyright holder of the materials. Contact information for requests for permission to reproduce or distribute materials available through this document are listed below: Joint Universities Computer Centre Limited (JUCC), Room 223, Run Run Shaw Building, c/o Computer Centre, The University of Hong Kong, Pokfulam Road, Hong Kong

Reference: http://www.iso27001security. com/ISO27k_model_policy_on_ outsourcing.doc http://www.computerworld. com/s/article/print/347122/After_ the_Ink_is_Dry?taxonomyName= Management&taxonomyId=14





Social Media @ CityU The Web Team Nowadays most people would probably enthusiastically agree that social media are the best channels to communicate, share information, or just stay in touch with your constituents and stakeholders. Long before Facebook got really popular in Hong Kong, CityU has been experimenting with all sorts of social media for teaching/learning as well as communications. Today, many academic departments and administrative units have Facebook pages, Twitter accounts, YouTube channels, etc., to activity connect with students and friends. The University has a website that lists all our social media channels: Feel free to visit that website and explore whatâ&#x20AC;&#x2122;s happening at CityU.


IT Concepts from Wikipedia Andy Chun (ed.) Social Learning is learning that takes place at a wider scale than individual or group learning, up to a societal scale, through social interaction between peers. It may or may not lead to a change in attitudes and behavior. More specifically, to be considered social learning, a process must: demonstrate that a change in understanding has taken place in the individuals involved; demonstrate that this change goes beyond the individual and becomes situated within wider social units or communities of practice; and occur through social interactions and processes between actors within a social network. Social Learning Tools are those tools used for pedagogical and andragogical purposes that utilize social software and/or social media in order to facilitate learning through interactions between people and systems. Social Learning Tools may mediate in formal or informal learning environments to help create connections between learners, instructors and information. These connections form dynamic knowledge networks. Companies are using social learning to improve knowledge transfer within departments and across teams and use a variety of tools to create a social learning environment. Some use Sharepoint, Moodle, WordPress, Joomla, Bloomfire or Yammer to help host and create content for social learning.

Editorial Box OCIO Newsletter Advisory Board Dr. Andy Chun (OCIO) Ms. Annie Ip (OCIO) Mr. Raymond Poon (CSC) Mr. Peter Mok (CSC) Mrs. W K Yu (ESU) Publishing Team Ms. Noel Laam (CSC) Ms. Annie Yu (CSC) Ms. Joyce Lam (CSC) Mr. Ng Kar Leong (CSC) Mrs. Louisa Tang (ESU) Ms. Doris Au (OCIO) For Enquiry Phone 3442 6284

Note: The next release of Blackboard Learn, the learning management system used at CityU, will have social learning capabilities.

Fax 3442 0366

This article uses material from Wikipedia. The Author(s) and Editor(s) listed with this article may have significantly modified the content derived from Wikipedia with original content or with content drawn from other sources. The current version of the cited Wikipedia article may differ from the version that existed on the date of access. Text in this article available under the Creative Commons Attribution/Share-Alike License.

Email OCIO Newsletter Online

OCIO Newsletter Issue 10  

January 2013 - The tenth issue of the OCIO Newsletter of the City University of Hong Kong.

OCIO Newsletter Issue 10  

January 2013 - The tenth issue of the OCIO Newsletter of the City University of Hong Kong.