Network security requires that computer equipment and data be safeguarded in a way that prevents unauthorized disclosure, misuse, alteration, destruction or other compromise of information.
This policy is designed to lay out the steps that must be taken to electronically secure computer equipment and data at Clarkson University.
This policy applies to University officials.
In order to prevent unauthorized disclosure, misuse, alteration, destruction or other compromise of information, access to all computer systems and the network must be restricted to those who have a legitimate business need to have access. This means that all services shall be secured by the use of an appropriately configured hardware or software firewall, access control list, or other communications inhibiting mechanism. System and administrator level accounts must be secured using strong passwords, as defined by the Password Policy. Prior to accessing the network, all computer must be registered using the NetReg system.
Specific requirements for desktop computers, servers and communications equipment are set forth in their respective security policies. Additionally, network traffic is subject to filtering and monitoring as set forth in the Access Control and Network Monitoring Policies. Standards for remote access are given in the Remote Access Policy.
All requirements given in the above mentioned policies shall be followed at all times.
Failure to follow this policy will result in the offender(s) being subject to disciplinary action up to and including a formal written letter of corrective action.
Communications Equipment – a specialized piece of electronic equipment designed to route or switch network traffic
Desktop computer – a computer that is used primarily as a workstation, for day-to-day tasks
Server computer – a computer that performs specialized functions, such as serving email, web pages, etc.
7.0 Revision History
Draft Policy – 19 April 2005 – jfiske
Draft Policy – 5 May 2005 – jfiske
Draft Policy – 10 February 2006 – jfiske
Approved Policy v1.0 – 4 November 2013 – jfiske