Weather Services and IT Security
Weather Services and IT Security
WONG Li-man
December 2014
The mission of the Hong Kong Observatory is to provide people-oriented quality services in meteorology and related fields, and to enhance the society's capability in natural disaster prevention and response, through science, innovation and partnership. To fulfill this mission, the Observatory has made use of computing systems since 1968 to provide solid platform in support of the delivery of these services. Advanced information technology (IT) systems, say high performance computers as an example, were introduced as early as 1999 to process vast amount of meteorological and geophysical data for provision of weather and related services.
People using mobile devices to acquire up-to-date information from the Internet have become very popular nowadays. The Observatory has introduced different web services such as MyObservatory mobile app, Weather Wizard, Weather Banner, Web Clock and SWIdget. Weather and geophysical information is also disseminated to the public via Twitter, Sina Weibo and RSS, etc. . The Observatory's website was one of the top ten ".hk" websites in years 2010, 2011 and 2013. The "Weather Services on Geographic Information System" of the Observatory also won the "Best Lifestyle (Learning & Living) Bronze Award" in the "Hong Kong Information and Communication Technology (ICT) Awards" in 2014.
IT is a fast growing industry, particularly in emerging areas, such as cloud technology, social media and related services. IT improves the quality of living, but it also introduces security issues to IT developers. The Observatory faces the same challenge when utilizing advanced IT in the development of applications and the provision of services. In fact, secured IT systems are the building blocks and enablers for timely dissemination of weather forecasts and warnings, which is essential to ensuring quality services.
The fundamental concept of information security includes "Confidentiality", "Integrity" and "Availability" of information. "Confidentiality" is a set of rules that limits access or places restrictions on the use of certain types of information, such as access control over classified information like restricted or confidential document. "Integrity" means maintaining and assuring the accuracy and consistency of information over its entire life-cycle. The information has to be well secured such that altering or destroy of data caused by any system faults or human maliciousness will not occur. "Availability" is to ensure that the information should be available when it is needed. Systems that provide information have to be protected from service disruptions due to power outages, hardware failures, system upgrades and malicious attacks, etc.
The Hong Kong Observatory commits to complying with the Government IT security standards. IT security risk assessments and audits for computing systems are conducted regularly. The Observatory also adopts the Government information security incident response procedures to coordinate with other Government departments to protect the information in response to any information security incidents.