Wireless Communication Policy
This policy prohibits access to Stephens networks via unsecured wireless communication mechanisms. Only wireless systems that meet the criteria of this policy or have been granted an exclusive waiver by Campus Computing are approved for connectivity to Stephens networks.
This policy covers all wireless data communication devices (e.g., personal computers, cellular phones, PDAs, etc.) connected to any of Stephens internal networks. This includes any form of wireless communication device capable of transmitting packet data. Wireless devices and/or networks without any connectivity to Stephens networks do not fall under the purview of this policy.
3.0. REGISTER ACCESS POINTS & CARDS
All wireless Access Points / Base Stations connected to the Stephens network must be registered and approved by Campus Computing. These Access Points / Base Stations are subject to periodic penetration tests and audits. All wireless Network Interface Cards (i.e., PC cards) connected to the Stephens network must be registered with Campus Computing.
3.1. APPROVED TECHNOLOGY
All wireless LAN access must use campus computing-approved vendor products and security configurations.
3.2. SETTING THE SSID
The SSID shall be configured so that it does not contain any identifying information about the organization, such as the company name, division title, employee name, or product identifier.
4.0 Enforcement & Compliance
Any person found to have violated this policy may be subject to disciplinary action.
4.1. VPN ENCRYPTION & AUTHENTICATION
All computers with wireless LAN devices must utilize a campus computing-approved Virtual Private Network (VPN) configured to drop all unauthenticated and unencrypted traffic. To comply with this policy, wireless implementations must maintain point to point hardware encryption of at least 56 bits. All implementations must support a hardware address that can be registered and tracked, i.e., a MAC address. All implementations must support and employ strong user authentication which checks against an external database such as TACACS+, RADIUS or something similar.