Revised: 06/30/2009
1. Purpose.
This policy defines the standards that govern the use of wireless communication equipment to access the TCCC-RYSS Information Technology Network.
2. Scope.
This policy covers all wireless data communication devices, including, but not limited to, personal computers, cellular phones, and wireless access points (WAPs) connected to the TCCC-RYSS Information Technology Network. This includes any form of wireless communication device capable of transmitting packet data. Wireless devices or Networks that do not connect to the TCCC-RYSS Information Technology Network are not subject to this policy. TCCC-RYSS Computer Lab Wireless Networks fall under the TCCC-RYSS Computer Lab Wireless Policy.
3. Policy.
Use of Wireless Equipment
Authorized Users may only access the TCCC-RYSS Information Technology Network via wireless systems that meet the criteria set forth in this policy, unless they have been granted a written waiver by Information Security personnel.
Register Access Points and Cards
All WAPs and base stations connected to the TCCC-RYSS Information Technology Network must be registered with and approved by Information Security personnel. Use of these devices by Authorized Users subjects the devices to periodic penetration tests and audits by Information Security. All Wireless Network interface cards used in resources owned by TCCC-RYSS must be registered with the Information Technology Services department.
Approved Technology
All wireless Local Area Network (LAN) access must use vendor products and Security configurations approved by Information Security personnel before being connected to the TCCC-RYSS Information Technology Network.
VPN Encryption and Authentication
All computers with wireless LAN devices intended for connection to the TCCC-RYSS Information Technology Network for the purpose of conducting TCCC-RYSS business must utilize a Virtual Private Network (VPN) configured to drop all unauthenticated and unencrypted traffic, and must be approved by Information Security personnel before being connected to the TCCC-RYSS Information Technology Network. To comply with this policy, Authorized Users must use wireless implementations that maintain point-to-point Hardware Encryption of at least 128 bits. All implementations must support a Hardware address that can be registered and tracked (e.g. a Media Access Control address). All implementations must support and employ strong User Authentication.
Setting the SSID
The Authorized User must configure the Service Set Identifier (SSID) so that it does not contain any identifying information about TCCC-RYSS, such as the TCCC-RYSS name, division title, employee name, or product identifier.
4. Enforcement.
Any Authorized User found to be in violation of this policy will be considered an Unauthorized User, and as such are subject to disciplinary action pursuant with the Enforcement section of the Unauthorized Use Policy
