Approved Administrative Committee 1695.7
1. This policy provides guidelines and direction for wireless communications.
Since this technology has no physical boundaries, security is easily compromised and thus, of big concern. Wireless technology is a potential source of interference to devices that use other types of communications technologies.
SCOPE OF APPLICATION
2. This policy applies to all devices that use wireless communications, using 802.11 standards and Bluetooth.
3. The policy also applies to:
- the security of the campus network;
- the applications that connect to wireless networks;
- the wireless technology and devices that are used to communicate between the client workstations and the wireless networks.
4. To establish and maintain wireless networks that are secure and functional.
5. To ensure a reasonable and viable allocation of operating ranges, the powering of wireless network components, the power distribution and the placement of wireless transmission equipment.
6. To apply safeguards against interference with other University of Ottawa networks.
7. To define security measures that protect the University's intellectual and financial resources against unauthorized and unauthenticated access.
8. To ensure security of the data transported over University networks by demanding that C.C.S. approve the encryption methods for all wireless networks.
9 C.C.S.: the abbreviation for "Computing and Communications Services".
10. Wireless: a combination of applications and hardware elements that allow the transmission of data and potentially voice communications using airways.
11. Director: the Director of Computing and Communications Services and, where applicable, his/her representative.
This policy must be read in conjunction with:
- Policy No. 80 "Computing and Information Processing"
- Policy No. 84 "Computing Center - Role and Responsibilities"
- Procedure Computing 17-1 "Acquisition of Information Processing Equipment, Software and Services"
- Procedure EDP Security 21-5 "Observance of Computer Program Copyright and Software Licenses"
- Policy No. 36 "Supply of Goods and Services"
- Policy No. 43 "Purchase of Furnishings and Equipment for Capital Projects".
12. C.C.S. approves the equipment and the location of all wireless networks and transmission components. This includes the allocation of frequency, the powering of devices via the network and the placement of antennae that will be used in conjunction with all wireless data networks. Approval must be obtained before any equipment is purchased.
13. A wireless network that causes service interruption to any University network will be shut down.
14. Research activities on wireless technology are exempt from guideline #12 but are subject to guideline #13. We strongly encourage you to report these activities to C.C.S.
15. C.C.S. manages all wireless data networks that are not intended for research.
16. Wireless networks must have authenticated logins and log files to track usage. Anonymous or unauthorized access to the campus network is not permitted.
17. C.C.S. approves encryption methodologies for all wireless data. To access any of the University's administrative systems via a wireless network, approved encryption methodologies must be in place.
18. Wireless network coverage must be confined to a targeted area and must not leak beyond the intended area.
19. Passwords must be encrypted on all wireless networks.
20. After consultation, the Director will review and update the policy annually.
CONFLICT OF INTEREST
21. Everyone empowered with responsibilities attached to this policy must observe Policy No. 70 "Conflict of Interest - Members of Staff".
22. C.C.S. is responsible for reviewing the standards, evaluating alternatives, and making recommendations for wireless data products and services that provide secured, authenticated and authorized access to University resources.
23. C.C.S. is responsible for the integration of wireless networks with the larger internal network.
24. Users must follow Policy 116 on IT Resources Acceptable Use.
25. It is the responsibility of the Director, in conjunction with the faculty/service administrators and deans/directors, to apply this policy.
TECHNICAL EVALUATION AND REVIEW
26. The Assistant Director (Communications sector) or his/her designate is responsible for the technical evaluation and review of all wireless data networks.
27. Your request for approval for a wireless data network intended for University usage should be addressed to the Assistant Director (Communications sector).
SETTING THE STANDARDS
28. C.C.S., in consultation with the University's user community, analyzes the business requirements and makes recommendations for the hardware and software standards that should be used.
29. The Director is responsible for the interpretation of this policy.
30. There may be legitimate reasons for an exemption to the standards. Refer these cases to the Director.
Published March 5, 2003
(Computing and Communications Services)