IIUM Wireless Policy

Custom Search

1.0 OBJECTIVE

The objective of this policy is to prohibit the access to IIUM networks via unsecured wireless communication mechanisms. Only the wireless system that meets the criteria of this policy or that has been granted an exclusive waiver by the Director of ITD is approved for connectivity to IIUM network.

2.0 SCOPE

This policy covers all wireless data communication devices which are connected to any of IIUM’s internal networks or that are residing on IIUM property. This policy also applies to any form of wireless communication device capable of transmitting packet data.
Previously existing connections should not be an exception, unless a waiver explaining why compliance is not met and outlining a migration plan which is approved by the Director of ITD.

3.0 POLICY STATEMENT

The policy statements are as follows;
1. Devices connected to the IIUM network must adhere to current IIUM ICT standards. These standards are subject to change on short notice, or without notice if a security threat arises.

2. ITD maintains an official wireless network distributed over the entire campus. The official wireless network is configured with a user authentication system suitable for the IIUM community use.  This is the only network that is approved to offer wireless services to the IIUM community.  Any wireless devices found to interfere with this network will be disconnected.

3. All Wireless Access Points / Base Stations connected to the University network must be registered and approved by ITD. These Wireless Access Points / Base Stations are subject to periodic penetration tests and audits.

4. Vendor products and security configurations of all wireless Local Area Network access must be approved by ITD.

5. All wireless Local Area Network must be configured to drop all unauthenticated and unencrypted traffic. Wireless implementations must maintain point to point hardware encryption compliant to current standards. All implementations must support a hardware address that can be registered and tracked. All implementations must support and employ strong user authentication which checks against an external database.

6. When possible, the SSID should not broadcast the name to reduce possible unauthorized connections.

7. When a wireless network is connected to the IIUM network, the connected machines are also subject to the same rules and regulations that apply to IIUM-owned equipment.

4.0 RESPONSIBLITY FOR IMPLEMENTATION

The responsibility for the implementation of this policy is with the Head of Department, Network and Telecommunication Department, ITD.

5.0 ENTITIES AFFECTED BY THIS POLICY

Any of IIUM staff, student s, consultants, contractors, vendors and others who install, manage and use networking facilities.

6.0 ENFORCEMENT

Anyone found to have violated this policy may be subject to loss of certain privileges or services. Possible disciplinary actions may be proposed to the relevant higher authority.

Šiium wireless. All right reserved.