Please cooperate with the following to implement our school’s information security:

Information Security Policy and Objectives: For information security policies, objectives, and updates, please visit the National Central University Information Security section through any of the following methods:

1. From the NCU homepage -> About NCU -> Understanding NCU -> Public Information -> School Affairs -> National Central University Information Security section.
2. From the NCU Computing Center website -> General Services -> Information Security section.
3. Directly via the URL: https://www.cc.ncu.edu.tw/p/412-1000-109.php.

Please regularly check the “Update Status and Settings” of your information equipment and the “Security of Network Browsing Operations.”

Email:

• Do not click on emails from unknown sources or emails you do not usually receive (e.g., change notifications, salary increase notifications, promotional messages, or news headlines that entice you to open and click).
• The “Ministry of Education Taiwan Academic Network Malicious Email Social Engineering Drill” is conducted twice a year, around May-June and September. Test emails will be sent to each participant for statistical analysis, including the number and rate of emails previewed, links clicked, or attachments opened.
• This drill is mainly to remind everyone to be cautious of emails from strangers or unusual emails and not to click out of curiosity.

Messages:

• Do not leak unverified or confidential messages or emails.

Computer:

• The operating system should be updated for security.
• Install antivirus software (Microsoft Defender can be enabled), and set virus definitions to update automatically.
• Passwords should meet the password requirements, be at least 8 characters long, and be updated regularly.
• Set up a screen saver mechanism (activate if the computer is unused for 15 minutes).

Network:

• Ensure the browser is the latest version.
• Set the DNS of on-campus computers to 140.115.1.31 and 140.115.19.42.

Software:

• Regularly update application software (such as JAVA/Adobe Reader) to the latest version.
• It is strictly forbidden to download or use illegal software and files.

IoT Devices (network printers, network cameras, NAS, etc.):

• Change the default password.
• Update the firmware to the latest version.

Others:

• Encrypt files before transferring them.
• Government agencies must not use information and communication products with security concerns.
• Government agencies must not purchase Chinese brand information and communication products (including hardware, software, and services).
• New regulations for self-operated or outsourced public activities or venues also prohibit the use of Chinese brand information and communication products.
• Chinese brand information and communication products should immediately stop interfacing with the public service environment and be replaced as soon as possible.
• For the definition of information and communication products, please refer to the inventory principles.
• There are many Chinese brands. Common Chinese brands in the public service environment include but are not limited to the following (if you cannot determine, it is recommended to ask the vendor for proof or search for the brand information online):
  • Hikvision
  • Huawei
  • DJI
  • TP-Link
  • OPPO
  • Xiaomi
  • Dahua
  • EMO