University Policy Number 1302
Responsible Office: Vice President of Information Technology/CIO
Related Law & Policy:
This policy applies to all University faculty, staff, students, visitors, including conference participants, members of organizations, and contractors. The policy applies to these persons participating in or supporting any activity in any academic and operational buildings, residence halls, and offices at all University locations, owned and leased.
This policy governs the installation, operation, and maintenance of all wireless network devices utilizing George Mason University Internet Protocol (IP) network space, including private IP space within University networks, and all users of such devices, and governs all wireless connections to the campus network backbone, frequency allocation, network assignment, and registration in the Domain Name System. It also applies to services provided over wireless connections to the campus network backbone for colleges, departments, or divisions of the University.
The University provides and maintains computing and telecommunications resources to support the teaching, research, and administration activities of its faculty, staff, and students. A secure and reliable data network is a critical component of the University’s infrastructure. While wireless networking devices can be useful tools for enhancing productivity and convenience, they can also negatively impact the availability and security of the University network if improperly connected or administered. This policy defines the roles and responsibilities of the Information Technology Services (ITS) and the network user community with respect to planning, deploying, and managing wireless technologies.
Wireless Network: local area network technology other than wired technology, including, but not limited to, technology that uses radio frequency spectrum, to connect computing devices to college, department, and division wired networks.
Access Point: electronic hardware that serves as a common connection point for devices in a wireless network. An access point acts as a network hub that is used to connect segments of a LAN, using some means other than wired ports for access by multiple users of the wireless network.
Wireless Infrastructure: wireless access points, antennas, cabling, power, and network hardware associated with the deployment of a wireless communications network.
Interference: the degradation of a wireless communication signal caused by electromagnetic radiation from another source. Interference can slow down or eliminate a wireless transmission depending on the strength of the interfering signal.
Point of Contact (POC): the person designated as having primary responsibility for a given wireless access point or network.
Virtual Private Network (VPN): the use of encryption to provide a secure means of connection over an otherwise insecure network.
Secure Shell (SSH): an Unix shell program for logging into, and executing commands on, a remote computer. SSH can be used as a more secure replacement for telnet, rsh, and other access methods commonly used with Unix systems.
Secure Sockets Layer (SSL): a protocol designed by Netscape Communications Corporation to provide encrypted communications on the Internet. Websites using SSL encryption have URLs that begin with “https://”.
Wireless equipment and users must follow all acceptable use provisions stated in Policy 1301 “Responsible Use of Computing” in addition to the more specific requirements described in this document.
Wireless access points must abide by all federal, state, and local laws, rules or regulations pertaining to wireless networks.
Responsibility for electronic communication resources at all campuses of George Mason University resides with the Vice President for Information Technology. The Vice President for Information Technology or designee may delegate responsibility for wireless access points within campus buildings to deans, department chairs, and directors of academic units when those access points are intended primarily or exclusively for use by the college, division or department. Where multiple organizations share a common building, the deans or department heads may share responsibility for wireless access points in that building, or may designate a specific dean or department head to take responsibility for the wireless access points in that building.
University colleges, departments, or divisions must register for the use of radio frequency spectrum with ITU Network Engineering and Technology, prior to implementation of wireless networks. The requesting department must provide technical specifications for the devices upon request so that network engineers can assess the potential impact.
The location of all wireless access points and the name of the Point of Contact (POC) for each must be registered with the ITU Network Engineering and Technology department. This may be accomplished by sending e-mail to email@example.com.
Deployment by Students
Students are not permitted to connect wireless access points to the campus network unless they are working under the direction of a University department or officially recognized campus organization. Wireless access points may not be connected to the student residential network.
Public Access Points
Responsibility for deploying wireless access points that are intended for use by the general University community resides with the Information Technology Unit. Other University colleges, departments, or divisions may install wireless access points for use by defined groups within their organization or building, but must follow the registration and security requirements noted herein.
Wireless networking technology uses unlicensed frequency bands to create small local area network cells. Since unrelated devices such as cordless telephones, wireless audio speakers, and even microwave ovens may also use these same frequency bands, the potential for disruption of service exists when multiple devices are placed in close proximity to one another. Interference or disruption of other authorized communications that result from the intentional or incidental misuse or misapplication of wireless network radio frequency spectrum is prohibited.
In the event that a wireless device interferes with other equipment, ITU Network Engineering and Technology and the ITU Project Management Office will work with the affected departments to resolve the interference. The arbiter, in case of conflict, is the Vice President for Information Technology.
Improperly secured wireless access points can compromise the security and performance of the University network, providing easy access for intruders to steal passwords, destroy data, and use University network and Internet resources for unauthorized purposes. Any department that deploys wireless networking devices must, at a minimum, follow basic security practices. The list of basic security practices is updated regularly by the Director, IT Security and it can be found on the web site http://itsecurity.gmu.edu/Resources/sysadmin-resources.cfm.
Any wireless network that poses a security threat may be disconnected from the campus backbone network. If a serious security breach is in process, ITU Network Engineering and Technology may disconnect the LAN immediately. Every reasonable attempt will be made to reach the registered Point of Contact (POC) to resolve security problems.
ITU Network Engineering and Technology will attempt to resolve any interference or security incidents by coordinating with the registered POC for the wireless network. If a POC is not available, the incident may be resolved through administration of the network connection to the backbone or other measures.
ITU Network Engineering and Technology has the authority to disconnect any wireless network from the campus network backbone whose traffic violates practices set forth in this policy, the Responsible Use of Computing Policy, or any network related policy. It is the responsibility of the college, department or division to be knowledgeable regarding the provisions of such policies.
More information is available at http://wireless.gmu.edu.
ITU Network Engineering and Technology is authorized to take whatever reasonable steps are necessary to ensure compliance with this, and other network related policies that are designed to protect the integrity and security of the campus network backbone. ITU Network Engineering and Technology works in conjunction and cooperation with the Information Technology Security Coordinator, under the direction of the ITU Security and Project Management Office.
Grievance matters with this policy or conflicts between ITU Network Engineering and Technology and any University college, department, or division are directed to the ITU Project Management Office for resolution. If the conflict is not resolved to the satisfaction of Network Engineering or the college, department, or division, the matter may be escalated to the Vice President for Information Technology for further review and action.
All amendments and additions to this policy are to be reviewed and approved by the Office of the Provost and the Office of the Senior Vice President.
The policies herein are effective January 5, 2004. This Administrative Policy shall be reviewed annually and revised, if necessary, and becomes effective at the beginning of the University’s fiscal year, unless otherwise noted.
Maurice W. Scherrens
Senior Vice President
Peter N. Stearns
Date approved: 01/16/04
Revised: January 29, 2013