Assumption College Policies:
ASSUMPTION COLLEGE NETWORK USE POLICY
This policy is designed to protect the Assumption College network and the ability of the campus to use it. The purpose of this policy is to define the standards for connecting all devices including computers, servers, tablets, phones or other devices to the College’s network. The standards are designed to minimize the potential exposure to Assumption College from damages (financial, loss of work, and loss of data) that could result from computers and servers inappropriately configured or maintained and to ensure that all devices on the network are properly connected and not adversely affecting network performance.
Assumption College must provide a secure network for educational, research, instructional and administrative functions and services. Improperly connected or configured devices could interrupt or degrade service enough to cause the loss of sensitive and confidential data, interruption of network services and damage to critical Assumption College internal systems. Schools that have experienced severe compromises have also experienced damage to their public image. Therefore, individuals who connect computers, servers and other devices to the campus network must follow specific standards and take specific actions.
This policy applies to all members of the Assumption College community or visitors who have any device connected to the Assumption College network, including, but not limited to, desktop computers, laptops, servers, wireless computers, mobile devices, smartphones, specialized equipment, cameras, environmental control systems, and telephone system components. The policy also applies to anyone who has systems outside the campus network that access the Assumption College network. The policy applies to College-owned computers as well as personally owned or leased computers that connect to the campus network.
Users of the Assumption College network are required to authenticate when connecting a device to it. Students on RESnet may need to install an agent on their computers before they are allowed on the network. The role of such an agent would be to audit the computer for compliance with security standards.
Information Technology & Media Services maintains a database of unique identifiers on RESnet containing network addresses and usernames for the purposes of identifying the owner of a computer when it is necessary. For example, the IT&MS Hub would contact the registered owner of a computer when his or her computer has been compromised or if a copyright violation notice has been issued for the IP address used by that person.
Responsibility for Security
Every computer or other device connected to the network has an associated owner (e.g. a student or staff member who has a personal computer). For the purposes of this policy, owners and caretakers are both referred to as owners.
Owners are responsible for ensuring that their machines meet the relevant security standards and for managing the security of the equipment and the services that run on it.
These security standards apply to all devices that connect to the Assumption College network through standard College network ports, through wireless services, and through home and off campus connections.
- Owners must ensure that all computers and other devices capable of running anti-virus or anti-malware software have Assumption College-licensed anti-virus software (or other appropriate virus protection products) installed and running. Owners should update definition files regularly.
- Computer owners should install the most recent security patches on the system as soon as practical or as directed by RESnet. Where machines cannot be patched, other actions may need to be taken to secure the machine appropriately.
- Computer owners of devices that contain PII (personally identifiable information) should apply extra protection as mandated by local, state and federal statutes.
Network-Based Service Provider
IT&MS is responsible for providing reliable network services for the entire campus. Individuals or departments may not run any service which disrupts or interferes with IT&MS services. These services include, but are not limited to, email, DNS, DHCP, and Domain Registration.
Protection of the Network
IT&MS uses multiple methods to protect the Assumption College network:
- monitor all inbound and outbound traffic on the network
- scan hosts on the network for suspicious activities
- block harmful traffic
All network traffic passing in or out of Assumption’s network is monitored by an intrusion prevention system for signs of compromises. By connecting a computer or device to the network, you are acknowledging that the network traffic to and from your computer is monitored and may be scanned.
IT&MS continually scans the Assumption College network, looking for vulnerabilities. At times, more extensive testing may be necessary to detect and confirm the existence of vulnerabilities. By connecting to the network, you agree to have your computer or device scanned for possible vulnerabilities.
IT&MS reserves the right to take necessary steps to contain security exposures to the College and to block or remediate improper network traffic. IT&MS will take action to contain devices that exhibit the behaviors indicated below, so that normal traffic and core College functions can resume.
- imposing an exceptional load on a campus service
- exhibiting a pattern of network traffic that disrupts core services
- exhibiting a pattern of malicious network traffic associated with scanning or attacking others
- exhibiting behavior consistent with the owner’s device being compromised
IT&MS reserves the right to restrict certain types of traffic coming into and across the Assumption network. IT&MS may restrict traffic that is known to cause damage to the network or hosts on it, such as P2P, BitTorrent, NetBIOS, Bonjour and Rendezvous. IT&MS also blocks other types of traffic that consume too much network capacity, such as all file-sharing traffic.
By connecting to the network, you acknowledge that a computer or device that exhibits any of the behaviors listed above is in violation of this policy and will be removed from the network until it meets compliance standards.