The University of San Francisco: Information Technology Services
Information Technology

Wireless Policy

PDF Version: Link

Effective Date: 12-9-2013

Last Updated: 12-9-2013

Responsible University Officer:
Vice President, Chief Information Officer

Policy Owner:
Leo Pereira, Network and Security Services

Policy Contact:
ITS Help Desk

  1. POLICY STATEMENT
    1. The university provides wireless communication services for faculty and staff in support of mission-related activities and to promote the cost-effective, appropriate and secure use of wireless devices.
  2. REASON FOR POLICY
    1. The purpose of this policy is to preserve quality of service while supporting the university’s business objectives.  Unauthorized modifications to the wireless network may lead to a change in service, quality and availability for everyone.
  3. SCOPE
    1. The scope of this policy applies to all university wireless services.  There is no provision for personal wireless service since such activity would severely impact all customers.
  4. AUDIENCE
    1. All parties are subject to the policy and standards set forth.
      1. All Employees, Faculty and Staff
      2. Residential students and guests living in university housing
      3. All contractors, vendors and any other 3rd parties entrusted with university job responsibilities.
  5. POLICY TEXT
    1. Policy Statement
      1. The university wireless network is intended as a supplement to the wired network and for use with portable electronic devices; it is not intended to be a user’s sole connection to the university network or IT resources.
      2. The wireless network is not expected to provide the same quality of service as the university’s wired network infrastructure.
      3. When reliability and performance is critical, the university’s wired network infrastructure should be used.
      4. University computing resources, such as PCs, printers, servers and other critical IT equipment, must be connected to the wired network infrastructure.
      5. Wireless networks and systems are subject to similar threats and vulnerabilities as data and voice networks.  To reduce instances of expensive toll charges (fraud), denial of service attacks and damage to wireless equipment, users and supervisors should:
        1. Supervisors will submit an ITS Help Desk ticket to immediately deactivate USF accounts (which includes wireless access) for terminated and resigned personnel.
        2. Users shall not improperly access, move, modify or disrupt university-owned wireless equipment and service.
        3. Users shall not intercept wireless signals or transmissions.
        4. Access to wireless (and wired) switches and wiring closets shall be restricted to authorized individuals who require access to perform their job functions.
        5. Users will set a strong password for their USF accounts and change them according to the university password policy.
        6. Users shall not disclose (or write down) their wireless account password to anyone for any reason.  REMEMBER: USF administrators don’t need your password to access accounts.  Administrators can reset passwords.
        7. Users will not deploy personally-owned wireless access points.
        8. Users will contact ITS Help Desk within 30 days of arrival to the campus to register their personal wireless devices with Network Access Control (NAC).
        9. Users may only have three (3) personally-owned devices registered with the university NAC equipment at any time.
      6. Temporary network wireless access may be granted to guests (visitors) who require access to the university on a regular or short-time basis.
      7. Users may not extend university wireless coverage area.
      8. Gaming is not permitted across the wireless network.
    2. Standards
      1. Those responsible for service, performance and modification to this policy must adhere to standards:
        1. Document existing and any modifications to the university wireless network
        2. Resolve & mitigate auditable events
          1. High risk events in 5 days
          2. Medium risk events in 10 days
          3. Low risk events in 30 days
        3. Adhere to university wireless access point standards
        4. Where possible, increase wireless access coverage campus wide
        5. Provide a list of wireless devices that operate with existing access
    3. Auditable Events
      1. For audit staff, the events and documentation below are needed to inspect the wireless network.
        1. Define acceptable wireless devices
        2. All wireless devices must login to network access control
        3. Wireless devices must meet minimum USF ITS Security
  6. PROCEDURES
    1. Below is a list of common set of procedures to increase the quality and services.
Problem: Action:
Unable to get wireless connection Contact ITS and create a trouble ticket for a technician to initiate resolving the problem
Add a new wireless access point to the university network Contact ITS and create a trouble ticket for a technician to initiate adding a new access point
Disable user wireless account Contact ITS and create a trouble ticket for a technician to disable an existing wireless account
  1. RELATED INFORMATION
    1. For additional reference material related to this policy, please see:
      1. Information Security policy
      2. Password policy
      3. NAC standard operating procedure (SOP)
      4. Network Security policy
      5. Network Guest Access policy
  2. DEFINITIONS
    1. Gaming
      1. Entertainment game consoles, such as xBox P3, Nintendo, and Wii
    2. Personally owned device
      1. A device not owned by the university, such as, electronic readers, smart phones and any other 802.11 compliant equipment.
  3. FREQUENTLY ASKED QUESTIONS
    1. (None)
  4. REVISION HISTORY
    1. 12-9-2013 - First publication of policy
  5. COMPLIANCE
    1. Failure to follow this policy can result in disciplinary action in accordance with Human Resources Employment Handbook and Office of General Counsel employee and labor relations. Disciplinary action for not following this policy may include termination, as provided in the applicable handbook or employment guide.
  6. POLICY EXCEPTION PROCESS
    1. A proposed exception request to ITS Policy requires a formal email explanation related and in support of job function.
    2. A proposed exception request to ITS Policy, mentioned in 'XII.A', must be approved via email by respective department or division supervisor, Dean, or VP, before submitted to ITS for review.
    3. Forward approved email as stated in 'XII.B' to itshelp@usfca.edu for processing.
    4. Evaluation of ITS Policy Exception will escalate internally, and as applicable may include further review by: UITC subcommittee(s), the Information Security Officer, and others as appropriate at the request of VP for IT.
  7. APPENDICES
    1. (None)