1.0 Purpose

These guidelines prohibit access to College of Public Health Information Technology Resources via unsecured wireless communication mechanisms. Only wireless systems that meet the criteria of these guidelines or have been granted an exclusive waiver by the College Director of Information Technology are approved for connectivity to College of Public Health computer systems and servers.

2.0 Scope

These guidelines cover all wireless data communication devices (e.g., personal computers, cellular phones, PDAs, etc.) connected to any College of Public Health computer system or server. This includes any form of wireless communication device capable of transmitting packet data. Wireless devices and/or networks without any connectivity to the College of Public Health do not fall under the purview of these guidelines.

3.0 Guidelines

To comply with these guidelines, wireless implementations must: Maintain point to point hardware encryption of at least 56 bits. Maintain a hardware address that can be registered and tracked, i.e., a MAC address. Support strong user authentication which checks against Microsoft Active Directory or similar service.

4.0 Enforcement

Any employee found to have violated these guidelines may be subject to disciplinary action, up to and including termination of employment.

5.0 Definitions

User Authentication: A method by which the user of a wireless system can be verified as a legitimate user independent of the computer or operating system being used.