Security Awareness

Wireless FAQs

Wireless

 

Wireless

What is the University's position on wireless network deployment interference?

Where interference between the campus/University network and other devices cannot be resolved, the University reserves the right to restrict the use of all wireless devices in University owned or leased buildings, and all outdoor spaces.

In cases where the interfering device is being used for a specific teaching or research application, the network administrator will work with faculty to mitigate the interference and accommodate the device without disrupting the University WLAN(s). I

n the event that both cannot operate without interference, use for specific teaching or research applications will take precedence over the general access WLAN. The campus CIO has the authority to require cessation of unauthorized use of wireless devices.

Wireless Access Points determined to be interfering with the wired network or other wireless devices may be disconnected so as to eliminate interference with other devices and services.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

What are wireless access points?

Wireless access points are a piece of network hardware that serves as a communications hub for wireless connectivity typically providing connection to the wired local area network (i.e., LAN) and therefore transmitting data between the wireless and wired networks. Access points can be connected to the wired network allowing wireless access to the campus network and connecting via radio frequency to networked devices such as laptop computers and PDAs.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Does data transmitted over wireless networks have to be encrypted?

As noted in the University of Massachusetts Data and Computing Standards, to the extent technically and reasonably possible, Private, Restricted or Confidential data (As defined in the Data and Computing Standards) transmitted over any communication network shall be transmitted in encrypted form or other appropriate and equally secure method. This includes transmissions over wireless medium.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

I want to install a wireless lan on campus. Can I install an access point?

No. Only staff authorized by your campus Chancellor can install wireless networking access points. This applies to both employee wanting to deploy wireless technologies for their department and students installing or operating wireless local area network (WLAN) access points in residence halls.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Since the information I send via a wireless device reaches my intended recipient, the information cannot be seen by anyone else, right?

Using a wireless network is comparable to using a cellular phone and/or a cordless phone. The traffic has an intended path to the recipient, however, the traffic can be either intentionally, or unintentionally received by others.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Is the transmission between wireless devices encrypted?

Although wireless communications can be encrypted, it is not guaranteed that the entire transmission is completely secure. Therefore, it is recommended that sensitive or confidential material not be sent over wireless networks.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Are wireless networks secure?

By its very nature, wireless networking is insecure. Anyone with the proper equipment and knowledge can access a wireless network and can even "sniff" data traveling through the air via radio waves. Encryption provides some measure of security, but is by no means a perfect solution.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

What uses are appropriate for wireless technologies?

Wireless technologies use access points which provide shared bandwidth. As more users connect to the access point, the available bandwidth per user diminishes. Therefore, wireless networks are not appropriate for high bandwidth applications such as video streaming. It is most suited for applications such as email and web browsing.

Wireless devices must not be used for connecting to campus business systems such as PeopleSoft Human Resources and Financials, student information, patient records including MediTech and IDX, or other systems that contain sensitive or confidential information, or are critical to the mission of the University unless using encryption protocols.

Wireless access points will be programmed to disallow access to high risk services including PeopleSoft Human Resources and Financials, student information, patient records including MediTech and IDX unless the user is using encrypted L2 protocols.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

What protocols are/are not supported by University wireless deployments?

Check with your campus information security officer or network management, for a list of what protocols and client devices are and are not supported on the wireless network.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Does the University monitor the use of the frequency spectrum for potential interfering devices relating to wireless technology?

While the University does not actively monitor use of the frequency spectrum for potential interfering devices, system administrators will respond to reports of wireless network service interruptions and specific devices that are suspected of causing interference and disrupting the campus/University network.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Are there University standards for wireless devices accessing University wired networks?

Wireless devices accessing University wired infrastructure must meet certain data networking and security standards including but not limited to IEEE 802.1x (Port Based Network Access Control) to ensure that authorized and authenticated users are able to connect to the campus network and that University computing resources are not exposed to unauthorized users.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Who is responsible for the use of wireless devices attached to any University network?

Any person attaching a wireless device to any University network is responsible for the security of the device and for any intentional or unintentional activities from or to the network pathway that the device is using.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top

Does the University control the use of wireless technologies?

Yes. The University has Data and Computing Standards that include mandatory standards/processes that must be followed in deploying and using wireless technology at the University.

These Guidelines apply to:: . all wireless networking devices connected to the networks owned, leased or maintained by the University of Massachusetts. This includes, but is not limited to, wireless access pints, wireless routers, wireless phones, etc.; . all wireless local area network (i.e., WLAN) technologies, both inside buildings and in outside areas, and . administrative and academic applications of wireless technologies.

Policy Referenced : Data and Computing Standard (PDF)

Date Revised : 2006-03-29

Back to top