XVII. Use of Wireless Networking Devices

I. Purpose:

To establish policy regarding the use of wireless devices on the college’s
network.

II. Scope:

This policy applies to all areas of Metropolitan State College of Denver.

III. Introduction:

The college’s computer network (both wired and wireless) exists to support
the college’s educational mission and related business functions. The network
provides access to information and other resources that are important to all of
the college’s educational and business units. Some of the information consists
of confidential, personal data about members of the College community. It is
very important that the network provide continuous access to, and reasonable
security for, the confidential data and other resources on which the entire
community depends.

The deployment of unauthorized or improperly configured wireless devices
poses a serious threat to the security and stability of the college’s network.

The Division of Information Technology (IT) is responsible for building,
maintaining and securing the college’s network infrastructure (both wired and
wireless).

This policy ensures the security and stability of the college’s computing
network and the data contained within.

IV. Policy Statements:

  1. The Division of Information Technology has the sole responsibility and
    authority to deploy wireless networking equipment to be used by members of the
    college community.
  2. The Division of Information Technology will coordinate the deployment of
    Metro State’s wireless networking equipment through the Auraria Cooperative
    Technology Committee (ACTC).
  3. Wireless networking approved and provided by the Division of Information
    Technology or a similarly authorized department of another Auraria institution
    has priority over other wireless networks. Previously deployed wireless networks
    that are not so approved and deployed may be shut down. Information Technology
    will make every reasonable effort to provide the Department with the level of
    service that they are accustomed.
  4. Any other Metro State employee or administrative unit wishing to deploy a
    wireless network must submit a request to the Division of Information Technology
    who will evaluate the proposal and if appropriate, carry the request to ACTC for
    their approval. Criteria for the evaluation will be posted on the IT
    website.
  5. Any Metro State employee or unit deploying an approved wireless network is
    required to:
    1. Assign the static IP address, issued by IT, to the wireless access
      point.
    2. Use strong encryption approved by IT.
    3. Not advertise or promote their wireless network as being available
      for general use by the campus community unless such access is approved by ACTC.
    4. Ensure that access to their wireless network is restricted to those
      users authorized to use their wireless network through means approved by IT.
    5. Ensure that usage of their wireless network is congruent with
      published college policy.
    6. Consult with IT before relocating their access point to another
      location.
  6. The Division of Information Technology may temporarily disconnect, without
    prior notice, any wireless access point that is endangering the security of the
    college’s network, malfunctioning, or being used in violation of published
    college policy. The Division of Information Technology will make a reasonable
    effort to work with the department hosting the device to resolve the security
    concerns before permanent disconnection. In all cases, the Division of
    Information Technology will make every effort to notify the operator of the
    device and the department head immediately.

V. Remedies for non compliance:

Failure to comply with these policies may result in one or more of the
following actions: a) suspension of access to the network for the individual or
unit violating the policy, b) when appropriate, disciplinary action ranging from
warning to termination depending on circumstances, in accordance with the Metro
State Handbook for Professional Personnel or State Classified Personnel Rules,
c) when appropriate, initiation of civil or criminal proceedings.

VI. Authority:

The Office of the President grants authority to the VP of Information
Technology to oversee compliance with this policy. The VP of Information
Technology will review this policy annually and revise as necessary.

Approved October 5, 2004