TTUHSC Information Techonology
Home Information Technology Policies

TTUHSC IT Policies

1.4.23   WIRELESS ACCESS

The emergence of wireless network technology has resulted in requests from TTUHSC departments to implement wireless network solutions for office, clinic, and classroom locations.  To ensure proper administration and security of the network, it is important for the development of wireless networking capabilities be controlled and coordinated.

This document outlines the policies for the implementation of wireless networking technology at TTUHSC.  See also Section 1.4.14 - Portable Computing.

Scope

This policy applies to all wireless network devices connected to the TTUHSC network infrastructure, or wireless devices owned by TTUHSC, or operated in TTUHSC facilities.

Policy

All TTUHSC faculty, staff, and students should be aware that wireless network connections are inherently less secure than wired connections.  State and federal legislation requires TTUHSC to provide protection for sensitive data such as patient information and student financial data.  Therefore, TTUHSC personnel are advised against using wireless technology to transmit this type of information.

Information Technology will extend the TTUHSC network to provide wireless service to any area based on the application need and demand and subject to the availability of resources.  Wireless networks are not a replacement, but a supplement to the existing wired network.  Wireless connectivity will only be allowed in areas that wired connectivity is not available, or there is a justifiable business or educational case for its use.

The Chief Information Officer (CIO) or designee, in concurrence with the Regional Site Coordinator (RSC) at the respective campus, must approve the installation and use of wireless devices connected to the TTUHSC network.

Only wireless hardware and software approved by the CIO or designee, in concurrence with the RSC from each campus, will be used for the wireless infrastructure.

All wireless access points and wireless devices must have the manufacturer’s default SSID changed.  These access points and devices will be audited and monitored on a regular basis.  Information Technology reserves the right to remove any unauthorized or misconfigured wireless device from the network immediately without prior notice.

Wireless network and services are subject to the same rules and policies that govern other electronic communications services at TTUHSC.  (See Acceptable Use and Portable Computing).  Disruption of authorized communications or unauthorized interception of wireless communication is a violation of policy.

Approval

Departments with a justifiable need for wireless connectivity should provide a written request from their department administrator to the Managing Director of Network, Security, and Systems and/or the appropriate RSC for approval.  The following should be included in the request in order for Information Technology to properly evaluate the request:

After the request has been reviewed, Information Technology will survey the site and discuss with the department administrators the project plan for implementation.

Equipment

TTUHSC will implement wireless equipment that follows the IEEE 802.11 standards.  Wireless equipment standards will be reviewed and amended as wireless standards change, and as products are introduced that improve the security and reliability of the wireless network.

Security

Access to the wireless network will be limited to individuals authorized to use the Institutional network and Internet resources.  All wireless network users must authenticate his/her identity to an authentication server managed by Information Technology before access to the rest of the TTUHSC network is permitted.  Anonymous users will not be allowed to access the wireless network.

Responsibilities

Information Technology

Department Administrators