A. Introduction

1. Overview

Wireless network and Internet access is now available on the Fresno Pacific University campus. Due to the nature of wireless communication, wireless networking requires increased cooperation between faculty, staff and students in order to fully maximize the benefits of this technology.

After connecting to the wireless network, staff/faculty/administration will be able to surf the Web, check email and access shared files, while students/guests may only surf the Web. The wireless network is currently installed in the Steinert Campus Center and allows for "roaming," so that users can maintain connections while moving between rooms. There is also limited wireless networking available in McDonald Hall. The wireless network is designed for educational use on campus. Students, staff and faculty are encouraged to find new and creative ways to make use of the wireless network to enhance the learning experience at FPU.

Note: The wireless network is a shared resource and is intended to supplement and enhance the existing wired network, not to replace it.

2. Purpose

The purpose of this policy is to inform users of the acceptable use regulations related to FPU's wireless network. This policy has been put in place to protect the staff, faculty and students and to prevent inappropriate use of wireless network access that may expose FPU to multiple risks including viruses, network attacks, and various administrative and legal issues.

This policy has been created to expand on the ITS security and responsible use policies by including specific information regarding the use of wireless networking and data access on campus. The wireless network's acceptable use falls under the security policy's acceptable use guidelines and rules.

This policy is subject to change as new technologies and methods of implementing these technologies emerge.

3. Scope

This wireless usage policy applies to all workstations, notebooks, wireless local area networks, systems, servers and software applications used on campus. It also applies to all staff, faculty and students at FPU. The purpose of this policy is to ensure the security, reliability and utilization of the wireless network.

Note: All computer hardware and software, all data, policies and procedures are the property of FPU. All persons using the above are responsible to maintain the security and confidentiality of this information.

B. Policy

1. General Use

It is the intention of ITS to provide a high level of reliability and privacy when using the wireless network. Wireless access points are distributed around the Steinert Campus Center in order to provide and maintain connectivity when "roaming" about the building. Wireless access points provide a shared bandwidth and so as the number of users increase the available bandwidth per user decreases. As such users are asked to be considerate of other users and refrain from running high bandwidth applications and operations such as downloading large music files and video from the Internet. Network reliability is determined by the level of user traffic and accessibility. In order to provide an acceptable level of reliability bandwidth will be regulated according to user role and location.

All users should be aware that the data created on university systems are the property of FPU.

Note: ITS cannot guarantee the confidentiality of any information stored on any device belonging to FPU or connected to the FPU wireless network.

2. Coverage

FPU's wireless network is currently installed throughout the Steinert Campus Center to allow for seamless "roaming" around the building. This is subject to change as the requirements of the users are continuously assessed.

3. Access

In order to access to the FPU wireless network authorized users will be required to login and authenticate with their assigned username and password. Usernames and passwords will be assigned by ITS.

4. Authorized Users

• Each time users turn on their wireless-enabled device (e.g., notebook, PDA) and open up a web browser (e.g., Internet Explorer, Netscape), they will be automatically redirected to the FPU Wireless Network Login Screen.
• Users will be prompted to enter their username and password.</ LI>
• Once the login is completed users will, depending or their assigned role, have access to the Internet and/or the network.
• The session will expire if the connection is not used for an extended period of time.
• To restart the session users will need to login again.

For authorized users (e.g., faculty, staff) requiring access to sensitive and confidential data, encryption will be required through the use of VPN/IPSec tunnels. ITS will provide technical support and assistance to all users requiring encrypted connections to the wireless network.

Please see the FPU password policy for additional details on acceptable usage relating to passwords.

5. Guests

Non-authorized users such as students, guest speakers and vendors who need to use the FPU wireless network for Internet access must obtain access instructions from ITS.

6. Security

Wireless networks are insecure. The security features of WEP (Wired Equivalency Protocol) are flawed and allow for eavesdropping or "sniffing" of wireless traffic to potentially capture all traffic that is not encrypted with a third party product.

Eavesdropping on any FPU network communication (wired or wireless) is illegal and a violation of the FPU Security and Responsible Use of Technology policies. All violations will result in disciplinary action.

All wireless users will be authenticated before being allowed access to the FPU wireless network. When connecting to the Web wirelessly all users should ensure that all usernames, passwords and personal information be sent only to secure websites. Secure sites are ones that use SSL encryption (i.e., sites with a small gold lock in the lower right corner of the browser).

Unless appropriate encryption technologies are implemented all users should consider all communication across the FPU wireless network insecure and all content visible as clear/plain text.

All computers that are connected to the FPU network in any way, whether owned by the employee or FPU, must be running approved anti-virus software with the latest virus updates. Extreme care must be taken when opening email attachments as they may contain harmful code such as viruses trojan horses.

For security and network maintenance purposes, ITS may monitor individual equipment or wireless network traffic at any time. FPU reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy.

ITS has the authority to disconnect any device from the wireless network that violates the practices set forth in this policy or any other related policy. It is the responsibility of the user to be knowledgeable of the information set forth in such policies.

All authorized users, guests and students are responsible for the following:

• Adhering to established networking guidelines and policies.
• Implementation of security software (antivirus, firewalls), patches and protocols on all equipment used to access the FPU wireless network.
• Compliance with all university policies and procedures and local and state laws pertaining to the security of sensitive and confidential data on the campus networks.
• Reporting known violations of the wireless network and all related equipment to ITS.

7. Prohibited Use

All users are subject to the rules laid out in the FPU security policy and other relevant policies. Certain employees may be exempt from these restrictions during the course of their work (e.g., ITS staff may need to scan the network to troubleshoot performance issues). At no time is any FPU employee to take part in any activity that is illegal under local, state, federal or international law while using FPU resources.

C. Policy Enforcement

Any violations of the rules put forth in this policy may result in the following disciplinary actions being taken by the university:

• Limiting of a person's access to some or all of the university resources.
• Initiation of disciplinary actions by FPU up to and including, but not limited to, termination of employment.
• Criminal prosecution under state and federal laws.