Your Location: Park.edu Home > Information Security > Policies and Procedures > HTML Contents
Information Technology Policies and Procedures
Wireless Communication Policy
This policy defines the standards that govern the use of wireless communication equipment to access the University Information Technology Network.
This policy covers all wireless data communication devices, including, but not limited to, personal computers, cellular phones, and wireless access points (WAPs) connected to the University Information Technology Network. This includes any form of wireless communication device capable of transmitting packet data. Wireless devices or Networks that do not connect to the University Information Technology Network are not subject to this policy. University Computer Lab Wireless Networks fall under the University Computer Lab Wireless Policy.
Use of Wireless Equipment
Authorized Users may only access the University Information Technology Network via wireless systems that meet the criteria set forth in this policy, unless they have been granted a written waiver by Information Security personnel.
Register Access Points and Cards
All WAPs and base stations connected to the University Information Technology Network must be registered with and approved by Information Security personnel. Use of these devices by Authorized Users subjects the devices to periodic penetration tests and audits by Information Security. All Wireless Network interface cards used in resources owned by the University must be registered with the Information Technology Services department.
All wireless Local Area Network (LAN) access must use vendor products and Security configurations approved by Information Security personnel before being connected to the University Information Technology Network.
VPN Encryption and Authentication
All computers with wireless LAN devices intended for connection to the University Information Technology Network for the purpose of conducting University business must utilize a Virtual Private Network (VPN) configured to drop all unauthenticated and unencrypted traffic, and must be approved by Information Security personnel before being connected to the University Information Technology Network. To comply with this policy, Authorized Users must use wireless implementations that maintain point-to-point Hardware Encryption of at least 128 bits. All implementations must support a Hardware address that can be registered and tracked (e.g. a Media Access Control address). All implementations must support and employ strong User Authentication.
Setting the SSID
The Authorized User must configure the Service Set Identifier (SSID) so that it does not contain any identifying information about the University, such as the University name, division title, employee name, or product identifier.
Any Authorized User found to be in violation of this policy will be considered an Unauthorized User, and as such are subject to disciplinary action pursuant with the Enforcement section of the Unauthorized Use Policy.Back to Contents