08:18:00 - Network Access
|
|
- Introduction: Technology Division is responsible for ensuring the network, both wired and wireless, is Chattanooga State’s first line of defense against viruses, worms, hackers, and individual misuse that can compromise the critical computer systems and data that support Chattanooga State’s business. The standards described herein are those Technology Division intends to use in the normal operation of its network systems. This document does not waive any claim that the College may have ownership or control of any hardware, software, or data created on, stored on, or transmitted through College computing systems. This policy functions as network standards and specifies security requirements for the College network, both wired and wireless. It also specifies the requirements for using wireless technologies and for accessing Chattanooga State computer systems from off campus.
- These standards apply to all Chattanooga State faculty/staff, students, authorized users, contractors and visitors that have access to College facilities, computing resources or College data. It impacts all inside and outside networks, (e.g., LAN, WAN, WLAN, wired, wireless, etc.), wireless access points (i.e., WAPs), routers, bridges, hubs, modems and various peripheral equipment. All wireless network access devices and technologies that provide a bridge between the College’s wireless and wired networks (hereafter “wireless access points”), or any device that is designed to communicate with such a device via the College’s wireless network.
- Wired and wireless networks must comply with any and all Chattanooga State guidelines/standards related to College networks and computer systems. Chattanooga State Technology Division has the responsibility and authority to scan computers attached to the Chattanooga State networks to ensure appropriate security, and support network operations and performance. The Technology Division reserves the right to restrict access to services and resources that are disruptive to its networks, or pose a threat to the College information security, audit or accreditation status. No change to any wired/wireless network device, hub, router, switch, ports, firewall configurations, including changes to any device within network closets throughout the campuses will be done without prior Technology Division network approval and a service request.
- Network connections are deployed to benefit the entire College and support its missions of education. These network connections are not to be used to provide commercial services not related to the College’s missions nor shall they be used in any illegal activities. Network wiring, component, software and hardware requirements shall be documented for all Chattanooga State networks. College networks should be designed and implemented to the extent technically and reasonably possible so that:
- No single point of failure, such as a central switching center, could cause network services to be unavailable.
- Critical communications may immediately be sent via multiple long distance carriers over physically diverse routes.
- Firewall configurations must prohibit direct public access between the Internet and any system component in the cardholder data environment. All in-bound dial-up lines to administrative and research computer systems shall be protected with extended user authentication systems. Both ends of a dial-up connection shall be dropped when the access session is terminated.
2. Direct network connections between any Chattanooga State network carrying administrative or research data and computers at external organizations via the Internet or any other public network, are prohibited unless accesses through an approved method. Adequate controls exist to restrict access to and use of network troubleshooting equipment, audit and network management software.
D. Wireless networks do not offer the same performance, stability or security as wired networks. The wireless network should be thought of as an extension of the wired network to promote mobility. This section outlines the processes, requirements and standards needed to implement a secure, reliable and usable wireless network at Chattanooga State.
- Wireless access points should be installed in designated areas by authorized Technology Network personnel to prevent unauthorized access and physical tampering. Wireless clients accessing the campus wired infrastructure must meet certain data networking and security standards to ensure that authorized and authenticated users are able to connect to the campus network and that College computing resources are not exposed to unauthorized users.
- Access control and security mechanisms such as gateways, firewalls and network-based intrusion-detection systems will be deployed.
E. All access via the wireless infrastructure requires user authentication or use of the wireless guest network. Wireless clients must not be used for connecting to campus business systems such as Human Resources and Financials, student information, or other systems that contain confidential data, or are critical to the mission of Chattanooga State unless using encryption protocols or other appropriate and equally secure methods. No portion of access to these systems, or saving/printing related data will be conducted on a wireless medium without appropriate security. Applications access via the wireless infrastructure shall include appropriate password and data protection controls.
F. Research groups and labs should be aware that conditions of some federal grants include data confidentiality and protection. No data or network protection can be guaranteed on wireless networks.
References:
1. Payment Card Industry (PCI) Compliance and Questionnaire 2. 1. National Institute of Standards and Technology,
2. Special Publication 800-46 Rev 2, Guide to Enterprise Telework, Remote Access and Bring Your Own Device (BYOD) Security, 7/2016
3 The State of Tennessee Department of Finance and Administration Strategic Security Program, 12/15/2016
4. Additionally, other College Policies, Guidelines, Standards, and/or campus procedures might impose certain restrictions that are not specifically covered by state and federal statue or regulations.
5. Chattanooga State Technology Division Policy 08:14:01 Responsible Use Policy, 9/30/2018
Submitted to Policy Review Committee on October 24, 2018
Submitted to Policy Review Board on November 30, 2018
Approved by Policy Review Board on December 6, 2018
|