Information Security – Wireless Network Policy [#2014-08]

A.     EFFECTIVE DATE : July 9, 2018
B.     POLICY SPONSOR: Vice President & Chief Information Officer
C.      PURPOSE : To ensure wireless network security and integrity, to protect the integrity of connected computing systems, and to minimize interference between wireless networks and other electronic resources deployed throughout UConn Health.
D.     POLICY : 1.      UConn Health reserves the right to restrict the use of any and all wireless devices in UConn Health buildings and all outdoor spaces on UConn Health property, whether leased or owned.

2.      UConn Health Information Technology (IT) must be consulted for coordination of engineering, installation, maintenance, and operation of wireless networks serving, or on any property owned or leased by, UConn Health.

3.      Any independently installed wireless communications equipment, which has not been approved by UConn Health IT, is prohibited, subject to removal from service without notice, and may be confiscated.

4.      All wireless network devices, including wireless access points/routers, building monitoring systems, classroom presentation/response systems, security systems, retail systems, and wireless research endeavors must be secured, in accordance with the Wireless Network Device Secure Configuration Standards.

5.      All wireless access points that connect clients to the internal network shall require users to provide unique authentication.

6.      Wireless access point device owners are responsible for updating software, hardware and firmware of devices to address security vulnerabilities.

7.      The use of wireless networks at UConn Health shall be subject to all other policies and guidelines, as may be applicable.

E.      SCOPE : This policy applies to all UConn Health Workforce, Business Associates, Non-Workforce, and all other individuals granted access to UConn Health electronic resources. The policy applies to all computing and networking equipment owned, leased, operated, or contracted by UConn Health.
F.      PROCEDURES, GUIDELINES AND PROTOCOLS : Wireless Network Device Secure Configuration Standards – (Restricted Access – Contact Information Security Office)
G.     REFERENCES : None
H.     RELATED POLICIES : None
I.       SEARCH WORDS : Wireless, Network
J.       ENFORCEMENT: Violations of this policy may result in appropriate disciplinary measures in accordance with University By-Laws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, the University of Connecticut Student Code, other applicable University Policies, or as outlined in the procedures document related to this policy.
K.      APPROVED : By:  Scott Jordan, Executive VP for Administration and CFO

Date:  12/05/18

 

By:  Alan Calandro, Administrative Policy Committee Chair

Date:  12/05/18

L.      REVISION HISTORY : 1.      New Policy Approved: 11/18/2014

2.      Revised: 7/9/18

3.      Revised:  12/5/18

 

[ END OF POLICY ]