Wireless Local Area Network Policy

Chapter 3480a

Revised August 22, 2012

Table of Contents

.010 Purpose

.020 Scope

.030 Effective Date

.050 Policy

.060 Definitions

.070 Roles and Responsibilities

.080 Implementing Procedures

.090 Related Laws, Regulations, or Policies

.100 Questions/Waivers

.010 Purpose

The purpose of this policy is to guide the deployment of all K-State wireless networks to ensure reliable, compatible, and secure operation. Given the proliferation of wireless devices used to access University data, this policy is needed to properly protect K-State’s information resources and electronic communications, as well as arbitrate possible interference in the FCC unlicensed radio frequency spectrum used by these device

.020 Scope

This policy applies to all uses of K-State’s wireless networks at all physical locations on all K-Statecampuses, both inside buildings and in outdoor areas, and including student living space (e.g.,residence halls and Jardine Apartments). It also applies to any location to which a K-State wireless network is extended beyond the campus boundaries. It does not apply to cellular or Bluetoothwireless technologies.

.030 Effective Date

Approved 2003, revised December 2011.

.050 Policy

A. Usage

1. Only K-State faculty, staff, and students; authorized affiliates; and University guests may use K-State wireless networks. Authorized affiliates and K-State faculty, staff, and students must use the wireless networks designated for their use, which provide appropriate security measures (e.g., strong encryption and authentication). University guests may only use the wireless networks designated for guest use, which may have limited access to ensure appropriate protection for K-State information resources and systems.

2. Use of K-State wireless networks must comply with all K-State information technology policies, other applicable K-State policies and procedures, and all federal, state, and local laws.

3. The Chief Information Officer (CIO/VP-ITS) or designee has the authority to require cessation of:

a. Unauthorized or inappropriate use of K-State wireless networks

b. Unauthorized access points connected to the University network

c. Devices providing unauthorized wireless services at any K-State campus location (e.g., an unauthorized wireless device broadcasting the same SSID as a K-State wireless network or offering a public Wi-Fi service on any K-State campus)

B. Standards

1. Information Technology Services is the sole provider of all K-State wireless networking services. No other entity, including students living in the residence halls or Jardine Apartments, may install or operate devices on the University network that offer wireless services, such as wireless access points.

2. All wireless networking components must be configured and secured according to standards established by the Chief Information Officer (CIO/VP-ITS) or designee. Any device not meeting these standards, including unauthorized access points, may be prevented from accessing the University network.

C. Interference

Wireless networks typically operate in unlicensed frequency bands shared with other wireless devices, such as cordless phones and microwave ovens. These devices may use the same frequency range as the K-State wireless network and thereby disrupt its operation so their useshould be carefully considered. In cases of significant interference problems, the owner of the interfering device may be required to cease its operation. In cases where the interfering device is being used for a specific teaching or research application, Information Technology Services will work with faculty to mitigate the interference and accommodate the device without disrupting the K-State wireless network. In the event that both cannot operate without interference, use for specific teaching or research applications will take precedence over the general access wireless network.

.060 Definitions

1. Access point – A network device that serves as a communication hub for wireless nodes, typically providing a connection to the wired network and therefore transporting data between the wireless and wired networks.

2. Authorized affiliate – individuals who are not current K-State faculty, staff, or student, but are affiliated with the university and have a legitimate need for access to university resources.

3. Bluetooth – a low power wireless technology for exchanging data over short distances, typically less than 30 feet, creating a “Personal Area Network” (PAN).

4. SSID (Service Set IDentifier) – the name identifying a specific wireless network.

5. University data – Any data related to Kansas State University ("University") functions that are a) stored on University information technology systems, b) maintained by K-State faculty staff, or students, or c) related to institutional processes on or off campus. This applies to any format or media (in other words, it is not limited to electronic data).

6. University guest – Any visitor to campus seeking services or information provided by Kansas State University. Examples include library patrons, prospective students, family members of students, conference attendees, and vendors conducting business with K-State.

7. University network - Any part of K-State's data network physically located on any K-Statecampus. This includes devices on the network assigned any routable and non-routable IP addresses, typically 129.130.X.X or 10.X.X.X, respectively, and applies to K-State's wireless network and the network serving K-State's student residence halls and Jardine Apartments.

8. Wi-Fi – see “Wireless network.”

9. Wireless node – A device, such as a notebook computer, equipped with wireless data communications capability. For the purposes of this policy, a smartphone or similar portable device is only considered a wireless node when configured to use K-State’s wireless network, not when using a commercial cellular network.

10. Wireless network – a wireless network using IEEE 802.11 (aka Wi-Fi) protocols operating within a limited area consisting of one or more wireless access points that provide data network connectivity for wireless nodes. In essence, a wireless network provides the functionality of a wired data network without the physical constraints of the wire. For the purposes of this policy, commercial cellular networks are not included in this definition. A K-State wireless network is one operating within the University network or physically located on any K-State campus.

.070 Roles and Responsibilities

1. The Chief Information Officer (CIO/VP-ITS) or designee is responsible for establishing and enforcing all wireless network standards.

2. K-State’s Information Technology Services is the sole provider of design, specification, installation, operation, maintenance, and management services for all K-State wireless networks.

3. The Office of Information Security and Compliance is responsible for specifying, monitoring, and enforcing wireless network security standards.

.080 Implementing Procedures

Kansas State University Wireless Network Standards and Procedures (www.k-state.edu/cns/policy/wireless.html – document will be updated and moved to a different location before this policy goes into effect )

.090 Related Laws, Regulations and Policies

K-State information technology policies (www.k-state.edu/its/policies/)

.100 Questions/Waivers

The Chief Information Officer (CIO/VP-ITS) is responsible for this policy. The CIO/VP-ITS or designee must approve any exception to this policy. Questions relating to this policy should be directed to K-State’s Chief Information Security Officer