Information Security Plenary Session
Panelist: Mak Kin-ming, Principal Immigration Officer (Records and Data Management), Immigration Department, HKSAR Government
Topic: "Information Security in Immigration Department, HKSAR"

March 29, 11.25 – 12.25

Abstract:
The mission critical systems of ImmD have always run on an enclosed network. There are facilities and procedures to protect the security, privacy and integrity of the data stored, transmitted and processed in all systems. State-of-the-art information security technologies such as firewalls, air-gap gateway, demilitarized zone, intrusion detection systems and various type of cryptographic techniques including the public key infrastructure have been introduced to further enhance the security and privacy of the information systems. In addition, comprehensive information security measures are also employed including data encryption, access controls at function and record levels together with rigorous user authentication and authorization mechanism to inhibit unsolicited access to the records in the systems. Other measures adopted include network separation and single sign-on with biometrics identification to prevent unauthorized access/hacking and reduce the risk of computer virus attacks. Apart from the physical security set-ups and procedures, security and audit reporting utilities are also employed to record all user activities for regular auditing purpose.

Biography:
Mr Mak Kin-ming is the head of the Records and Data Management Division of the Immigration Department. He is the Principal Immigration Officer responsible for overseeing the proper management of departmental records in compliance with the provisions of the Personal Data (Privacy) Ordinance and the Code on Access to Information.

Mr Mak joined the Immigration Department in 1974. He has taken part in various IT projects.

These included the 1st Information Systems Strategy Studies in 1991, implementation of the Processing Automation System in 1994, setting up of the Immigration Control Automation System for the Hong Kong International Airport in 1998 and the Information Systems Strategy Review in 1999. He is now responsible for the implementation of the Electronic Records Programme and the Data Warehousing – Management Information System under the Updated Information Systems Strategy of the Department.