Purpose
The purpose of the Salish Kootenai College Network Management Policy is to establish the rules for the maintenance, expansion, and use of the network infrastructure.
Audience
The Salish Kootenai College Network Management Policy applies to individuals involved in the configuration, maintenance, or expansion of the Salish Kootenai College network infrastructure.
- I. General
- Salish Kootenai College IT Services owns and is responsible for the Salish Kootenai College network infrastructure and will continue to manage further developments and enhancements to the infrastructure.
- To provide a consistent network infrastructure capable of leveraging new networking developments, all cabling must be installed by Salish Kootenai College IT or an approved contractor.
- Information security requirements must be included in any new information system or enhancements to the existing system.
- Appropriate technical controls and solutions must be implemented to protect Confidential information from the unauthorized transfer, modification, or disclosure (i.e., next-gen firewalls, IDS/IPS, DLP).
- A map or diagram of the network and data flow, including external connections, must be maintained. This map or diagram must be updated after any changes to the network occur. This diagram should be reviewed every six months to ensure it continues to represent the network architecture.
- All systems on the network must be authenticated. Connections to the network must be authorized by IT.
- All hardware connected to the Salish Kootenai College network is subject to Salish Kootenai College IT management and monitoring standards.
- Documented baseline configurations must be maintained for all Information Resources that create, collect, store, and/or process confidential or internal information. All network-connected resources must be configured to these specifications.
- Operating procedures for activities associated with information processing must be documented and made available to personnel who need access to them.
- Resource usage must be monitored to ensure the required system performance.
- Information processing facilities must address redundancy sufficient to meet availability requirements.
- Changes to the configuration of active network management devices must be made according to the Change Management Policy.
- The Salish Kootenai College network infrastructure supports a well-defined set of approved networking protocols. Salish Kootenai College IT Services must approve any use of non-sanctioned protocols.
- All connections of the network infrastructure to external third-party networks are the responsibility of Salish Kootenai College.
- Groups of information services, users, and information systems must be segregated on the network. The perimeter of each domain should be well-defined and based on the relevant security requirements.
- Network devices must be installed and configured following Salish Kootenai College implementation standards.
- The use of departmental network devices is not permitted without written authorization from the Salish Kootenai College CIO.
- Personnel other than IT staff are not permitted to access or alter existing network hardware.
- Wireless Networking
- All wireless access points or devices that provide access to the Salish Kootenai College wireless network must be approved by SKC IT Services.
- Wireless access points must be placed in secure locations.
- Wireless networks must be segmented using appropriate technical controls.
- Authentication settings (passwords, encryption keys, etc.) must be changed periodically and anytime it is suspected that such information has been compromised or if anyone with knowledge of the information leaves the organization.
- All wireless network traffic must be encrypted in accordance with the Salish Kootenai College Encryption Policy and supporting standards, regardless of information sensitivity.
- The Salish Kootenai College Wireless Network must not be used inappropriately; in particular, persons must not use the network to:
- Intercept or attempt to intercept other wireless transmissions for eavesdropping.
- Access or run utilities or services that might negatively impact the overall performance of the network or deny access to the network, e.g., RF jamming, Denial of Service (DoS).
- Salish Kootenai College wireless network users must not tamper with network access points or security settings.
- Users must not connect to another wireless network and the Salish Kootenai College wireless network simultaneously.
- Salish Kootenai College will conduct scans of wireless access points and identify all authorized and unauthorized wireless access points at least quarterly.
- Network Cabling
- Core and distribution racks must be secured and not located in visible areas.
- All networking cabling must be protected from unauthorized interception, organized, tied down, and labeled.
- When possible, network closets should be secured with auditable controls.
- Demarcation points need to be secured with adequate segregation or isolation.
- All ports on switches must be reconciled and inventoried regularly. Where this is not possible, compensating controls must be used and documented.
- Salish Kootenai College IT Services owns and is responsible for the Salish Kootenai College network infrastructure and will continue to manage further developments and enhancements to the infrastructure.
History:
Adopted 3/17/2023