Wireless Communication Policy (October 13, 2005)

safflowerpepperoniMobile - Wireless

Nov 24, 2013 (3 years and 7 months ago)

75 views

Created:
10
/
13
/
2005

[
rmy
]

Revis
ed On
:
11/24/2013

[rmy
]

Version 1.0


UWG
Wireless Communication Policy

Page
1

of
4

U
WG
-
PolicyTemplat
e
-
v1.0.doc


Wireless Communication Policy

(October 13, 2005)



1.0
Authority


The University of West Georgia (UWG)
utilizes its Campus Security Plan to identify,
create and maintain appropriate IT policies necessary to ensure the security of IT
resources at the inst
itution. This policy’s need is justified by meeting an identified plan
objective listed in section 1.2 below.

This policy is in conformance with

the Policy
Manual of the Board of Regents (BOR) of the University System of Georgia. A copy of
the BOR Policy

Manual can be obtained at
http://www.usg.edu/regents/policymanual/
.


1.1

Availability

Upon initial approval and any subsequent approved revisions of this policy, the
affected individuals identified in

the Scope below will be notified of the new/revised
policy via email, the campus portal, written communication or some other form of
communication that provides general notification of the policy acceptance or change.

These policies are freely available t
o everyone. Copies can be obtained on the web
at
http://policy.westga.edu
.


1.2

Campus Security Plan Reference

This policy
addresses items
12.
3

of the

Campus Security Plan for the University of
West Georgia
.



2.0
Purpose



The purpose of the Wireless Communication Policy is
t
o establish a UWG policy
regarding appropriate use, deployment, and management of wireless data
communication devices
.


2.1 Policy Type

This policy shall conform to the requirements for

a
n

Issue
-
specific

policy as
outlined in the Campus Security Plan



3.0 Scope


This policy applies to all UWG faculty, staff and students, in addition to any guests who
are authorized to use the University's computers and/or data network. This policy cover
s
all wireless data communication devices (e.g., personal computers, cellular phones,
PDAs, etc.) connected to
the UWG campus network
. This includes any form of wireless
communication device capable of transmitting packet data. Wireless devices and/or
Created:
10
/
13
/
2005

[
rmy
]

Revis
ed On
:
11/24/2013

[rmy
]

Version 1.0


UWG
Wireless Communication Policy

Page
2

of
4

U
WG
-
PolicyTemplat
e
-
v1.0.doc

netw
orks without any connectivity to
the UWG campus network

do not fall under the
purview of this policy.



4
.0
Policy


This policy prohibits access to the University of West Georgia (UWG)
campus network

via wireless communication mechanisms other than those s
pecifically provided or
approved by ITS for this purpose. Wireless client devices will not allow ad hoc wireless
networking or direct peer
-
to
-
peer wireless networking. Only wireless systems that meet
the criteria of this policy or have been granted an ex
clusive waiver by ITS are approved
for connectivity to UWG's
campus
network. Use of the University's computing and
network resources constitute an acceptance of this policy.


4.1 Registration of Wireless Data Communication Devices

All wireless data commu
nication devices connected to the campus network must
be registered and approved by ITS. These devices are subject to periodic
penetration tests and audits.
Unregistered
or
rogue
devices

will be disabled or
removed upon discovery.


4.2 Approved Technolog
y

All wireless LAN access must use vendor products that are capable of utilizing or
meeting UWG defined protocols, encryption types and other required security
configurations.


4.3 VPN Encryption and Authentication

All computers with wireless LAN devices m
ust utilize an ITS
-
approved Virtual
Private Network (VPN) configured to drop all unauthenticated and unencrypted
traffic. To comply with this policy, wireless implementations must maintain point
to point hardware encryption of at least 56 bits. All imple
mentations must
support a hardware address that can be registered and tracked, i.e., a MAC
address. All implementations must support and employ strong user
authentication which checks against an external database such as TACACS+,
RADIUS or something simila
r.


4.4 Access Point Management

All access points connected to the campus network will be centrally managed
and maintained by ITS.


5.0
Compliance



Compliance with this policy is as indicated in UWG Security Plan.


5.1 Responsibilities

and Implementation

Created:
10
/
13
/
2005

[
rmy
]

Revis
ed On
:
11/24/2013

[rmy
]

Version 1.0


UWG
Wireless Communication Policy

Page
3

of
4

U
WG
-
PolicyTemplat
e
-
v1.0.doc

Compliance with this policy is the responsibility of each UWG participant
unit/organization IT department
.

Implementation is the responsibility of the
Information Technology Services network office.




5.2
Enforcement


The Information Technology Service
s network office will ensure no unauthorized
wireless data communication devices continue to operate on the campus network.


5.
3

Disciplinary Process


Disciplinary actions
will be handled via existing Institutional governing bodies and
procedures.


5.
4

Cla
rification/Interpretation Process

Requests for clarification or appeals will
first
be directed to the Technology Planning
Committee for review. The Faculty Senate
has

final
review
authority.



6.0
References


6.1
Definitions


TACACS
-

Terminal Access Cont
roller Access Control System (TACACS) is a
remote authentication protocol that is used to communicate with an authentication
server commonly used in UNIX networks. TACACS allows a remote access server
to communicate with an authentication server in order t
o determine if the user has
access to the network.

RADIUS
-

(Remote Authentication Dial In User Service) is an Authentication,
Authorization and Accounting (AAA) protocol for applications such as network
access or IP mobility.


General definitions for this

policy can be obtained on the web at
http://policy.westga.edu



7.0

Policy Review


The UWG Information Security Officer will review this policy in conjunction with major
changes to the information infrastructure,
as part of UWG’s participation in system
security audits, after each breach in system security, or every two years.


7.1 Review Process

Responsible parties referenced in section 5.1 of this policy will
review and submit
revisions per section
2

of the

Camp
us Security Plan for the University of West
Georgia.


7.2 Approval Dates

Created:
10
/
13
/
2005

[
rmy
]

Revis
ed On
:
11/24/2013

[rmy
]

Version 1.0


UWG
Wireless Communication Policy

Page
4

of
4

U
WG
-
PolicyTemplat
e
-
v1.0.doc

N/A


7.3 Revisions

N/A