OCIO provides departmental private cloud service for the hosting of departmental servers and websites on the Virtual Machine (VM). The virtual servers provided are functionally similar to a physical server. Housed in the University's Data Centres, these servers are closely monitored, well protected by the central firewalls, and regularly checked for vulnerability risk with daily system backup for up to 7 working days. The service is targeted to reduce the department’s workload and the cost of looking after their own equipment.

The basic private cloud service is free to faculties/departments/units. Please complete the Private Cloud Application Form (F022) at ocio/forms.

Meanwhile, the departmental/functional website service, which uses our central web servers, is recommended for websites that have no server-based applications, such as PHP/JSP/ASP. Users should apply for a functional UNIX account and upload the web content. Please complete the Functional Account Application Form (F003) at ocio/forms.


Service Level and User Responsibilities:

  1. The private cloud service offered by OCIO should be used solely for the purposes of the University. User departments should follow the University's Computing Policies and Regulations. OCIO checks the usage of the VM annually (in Dec usually) and we reserve the right to ask the owners to retire VMs with low usage.
  2. OCIO provides a bare-bone VM residing in Data Centres with high availability and mirrored disk storage. User departments are responsible for all the installation, maintenance, back up and restoration of data and software packages installed. They are also responsible for generating a Certificate Signing Request (CSR) for OCIO to purchase the Secure Sockets Layer (SSL) certificate that user departments have to install. OCIO will conduct vulnerability scanning on both the Operating System and Web Application levels. Applicants must resolve risks stated in the vulnerability scanning reports and as per OCIO’s advice before launching the server to the public. In addition, they must ensure that the software packages installed in VM are licensed and used according to the license agreement concerned. No container software (e.g. Docker) is allowed.
  3. User departments must inform and coordinate with OCIO to install a Security Agent (e.g. Endpoint Detection and Response Agent) for security reasons. Moreover, user departments should take reasonable measures to safeguard the information security of data kept in the departmental VM servers. OCIO conducts monthly vulnerability scanning on both the Operating System and Web Application levels and we reserve the right to take down the departmental VM servers in question to ensure the overall network and computing services are not affected. Please refer to the University’s Information Security Policy (http://www.eduhk.hk/infosec) for more information.
  4. User departments must inform OCIO should there be any changes to the owner (or applicant for the service) of the departmental VM server. OCIO reserves the right to take down unattended ones without prior notice.
  5. If the departmental VM server is administered by non-EdUHK personnel, such as contractors or outsourced service providers, user departments should ensure they are aware of all the requirements of the VM service. They are required to come to campus to conduct any system maintenance as remote access for system maintenance is not recommended for security reasons.
  6. OCIO provides a VM-wide restoration of daily system backup for up to 7 working days upon request from the user department concerned. User departments should make necessary arrangements for data backup and restoration.