Security
The content and structure of an organization's security policies is of fundamental importance. They must be complete, up to date, and fully reflect its needs. The aim of this document is to set a security policy for the Data and Wireless network so that we can preserve network integrity and protect the information assets of network users. Relevant policies and procedures are mentioned below.
Network security is a function of the network participants. Sensitive data traversing the network should be encrypted at the endpoints in order to insure that it remains confidential.
Resellers, Colocated and Dedicated Server Administrators who provide network services will do so in a manner that is consistent with good facility management and within the scope of Data and Wireless network security policy and its terms and conditions of network usage. All accounts for general access will have passwords, secure and sensitive data will be kept that way
Attention must be paid to security alerts from vendors and other agencies and patches/fixes must be applied in a timely manner. In addition to these practices, organizations will designate a manager who will be the sole point of contact with Data and Wireless Network Operations.
Network devices which are suspected of having a security breach will be removed or blocked from the network until the problem is corrected to the satisfaction of Network Operations. Users should contact the manager of their network for security information and local policy.
Anyone wishing to attach a new device to the Data and Wireless network will contact Network Operations prior to doing so. All Network attachment hardware will be located in physically secure areas.
A routing switch or switch ( managed/unmanaged ) will be the point of network attachment for each rack. It is recommended that a router/switch be the point of network attachment for each organization.
The number of protocols that may be used to establish links is restricted. Any attempt to change connectivity by the introduction of new protocols or new physical or logical links will be subject to review by Network Operations. TCP/IP, SNMP, POP3, HTTP, FTP, SMTP, UDP are the currently approved protocols and services.
Network Operations monitors traffic on the network for the purpose of maintaining network operation and secirity. By extension, traffic generated by users of Server systems on the network is also monitored.
Any excessive use of network resources, will be filtered or blocked to reduce the impact on other users of the network.
Any attack or attempted intrusion will be dealt with decisively, the offending IP class will be blocked, the attempt will be logged, the owners of the IP class will be notified as well as local Law Enforcement. Persistant attacks will be permanently excluded from accessing the network.
Information regarding security vulnerabilities and any fixes for them are available from the vendor of the software.
Users will be held accountable for their conduct under any applicable Law. Anyone who maliciously accesses, alters, deletes, damages or destroys any computer system, network, computer program, or data is guilty of a felony. Complaints alleging misuse of network resources will be directed to those responsible for taking appropriate disciplinary action.
Abuse of the network privilege will result in the immediate suspension of network access.
Network traffic may be subject to search under court order. In addition, system administrators may monitor network traffic or access user files as required to protect the integrity of the network.
Nothing in this statement supersedes the right of a network service provider, reseller, to impose more restrictive terms.