Physical Network Access Policy

Title: Physical Network Access Policy
Policy Owner: University Information Technology Services
Applies to: Faculty, Staff
Campus Applicability:  Storrs and Regional Campuses
Effective Date: November 18, 2008
For More Information, Contact University Information Technology Services
Contact Information: (860) 486- 4357
Official Website: http://uits.uconn.edu/

 

Background and Reasons for the Policy: The University of Connecticut views the University Network as an asset of the University. The Network must be protected to comply with the policies of the University and to meet requirements of Federal and State laws such as the:

  • Family Rights and Privacy Act (FERPA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Electronic Communications Privacy Act (ECPA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Children’s Online Privacy Protection Act (COPPA)
  • Freedom of Information Action (FOIA)
  • ConnecticutPersonal Data Act

Purpose of Policy: The purpose of this policy is to ensure the integrity and stability of the University Network and to ensure an integrated and sustained development of the University’s telecommunications network, consistent with allocations of resources appropriate to the University’s priorities.

Expected Institutional Outcome: This policy will help the University community to:

  • Reduce the time required to respond to network security incidents
  • Reduce the time required to resolve network incidents
  • Reduce the total impact of network incidents
  • Reduce the probability of the recurrence of a type of network incident

Definitions:

University Network: The University Network is comprised of the network hardware and infrastructure, and the services to support them, from the data jack to the University’s Internet Service Provider’s (ISP) connection. The University Network begins at the end-user’s wall jack and ends where we connect to the Internet.

Policy Statement:

  1. The wiring and electronic components of the network are deemed part of the basic infrastructure and utility services of the University. Installation and maintenance of that network are to be considered part of the “up front” basic required building and renovation costs, and are not considered discretionary options in construction and renovation design.
  2. Standards for the network wiring, electrical components and their enclosures are defined by University Information Technology Services (UITS), subject to Building and Grounds (B&G) oversight, and are considered part of the University’s “building code” to which installations must conform.
  3. Upgrades to our campus network will be done as part of a University-wide Network Master Plan.  This Network Master Plan will be coordinated with the University’s Building Master.
  4. Provision will be made in the Network Master Plan for the installation of wireless telecommunication technology on all University campuses. Wireless technology is considered a supplement to, not a replacement of, hardwire connectivity.  UITS Network Engineering in consultation with the “Wireless Advisory Committee” will implement wireless technology by buildings or areas where that technology is deemed the most appropriate solution to an academic or communications need.
  5. Units who desire to include wired/wireless access within their operation should include such specifications in their programmatic design reviews with Architecture and Engineering (A&E) Services.  A&E Services will coordinate such decision-making and design activities with UITS Network Engineering to ensure conformity with applicable standards for wired/wireless installations.
  6. Units desiring to install wired/wireless technology, or to change the programmatic function or use of a room to newly include a wired/wireless activity, and to do so from their own funding, must work directly with UITS Network Engineering for design services and standards requirements.  UITS Network Engineering will thereby ensure that all changes to the wired network conform to applicable standards.
  7. Units choosing to install and establish their own security through the use of local firewalls and/or VPNs must allow UITS Network Engineering access through these devices into the active network segments. This will give Network Engineering the ability to see beyond the secure points of the network for diagnosing problems potentially affecting the overall network.
  8. Units wishing to design, install and maintain their own network must have their designs reviewed by UITS Network Engineering. All installations must conform to the standards set forth in the UITS Design Guide and Standards. Before equipment is purchased the requesting entity must submit technical specifications of the equipment to be used in the project, along with the logical and physical design maps, for UITS approval to ensure network compatibility and service conformance. UITS Network Engineering will provide the department with an approval letter which can be submitted to Purchasing with the purchase request.
  9. Units electing to install and support their own networks, and who require assistance from UITS Network Engineering in that installation and for ongoing support, will be billed for such services at the appropriate prevailing rates. A pre-negotiated network demarcation point will be identified in these cases. UITS Network Engineering will be responsible from the demarcation point out to the network; the unit will be responsible from the demarcation point to the end devices.

Responsibilities: UITS Network Engineering staff, along with University officials with delegated responsibilities for departmental network segments, are responsible for the well being and integrity of the resources (including the facility, equipment, software and data) that are within their control and/or protection.  They are also responsible for ensuring that they remain knowledgeable about regulatory and University Network requirements impacting their segments.  They may delegate the management processes for those resources to system administrators who they feel to be properly trained.

Departments and units must adhere to all appropriate UITS Network Engineering support protocols when developing and or maintaining network segments.  The processes and technologies instituted by departments must achieve the minimum level of protection for network technology resources as defined by UITS Network Engineering.  They may provide additional protections as needed when stricter requirements apply to the departments or operating units.  When designing or implementing networking policies, procedures, or technical solutions that respond to unique departmental needs, the departments should ensure that they are in compliance with the policy statements listed above.

 

Enforcement and Review:

The Chief Information Officer has overall responsibility for this policy.

The Chief Information Officer will review this policy on a bi-annual basis and respond to formal complaints resulting from the implementation of this policy.

Any individual who suspects a violation of this policy may report it to the Compliance Office in the Office of Audit, Compliance and Ethics at (860) 486-4526, or anonymously through the Reportline (https://www.compliance-helpline.com/uconncares.jsp). Violations of this policy may result in appropriate disciplinary measures in accordance with University Laws and Bylaws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, and the University of Connecticut Student Conduct Code.

Policy Implementation Guidelines: Departments requesting to manage their own network segments or install networked equipment on the University network should also refer to http://itpolicy.uconn.edu/ , where UITS maintains a set of documents for policies, procedures, guidelines, and standards that provide additional detail.

All of the procedures used to support this policy are currently used by UITS Network Engineering.  For further information about using these procedures as models for developing departmental procedures, departments may contact UITS Network Engineering.