Issue Specific Security Policy

Title: Fair and Responsible Use of Wireless LAN Technology

Classification: Internal Use nly
Statement of Policy
This policy addresses fair and responsible use of Ac!e"s #ireless local area net#or$ %WLAN&
technologies' This includes but is not li!ited to hard#are( soft#are and protocols
associated #ith WLANs' It is intended for authori)ed users #ithin the Ac!e enterprise'
Authori)ed users are defined as anyone #ho has been granted appro*al to access Ac!e
infor!ation and infor!ation syste!s' This includes e!ployees and contingent #or$ers'
Authori)ed users are e+pected to understand and co!ply #ith the contents of this
docu!ent'
Appropriate Use
Laptop users are per!itted( #ith prior !anage!ent appro*al( to use Ac!e"s internal WLAN
solution' The WLAN should be used only #hen a #ired net#or$ solution in una*ailable or
inappropriate for a particular situation' To ensure appropriate protection of pri*acy( all
#ireless trans!issions #ill be secured utili)ing strong !utual authentication and encryption'
When establishing a connection to a public hotspot or WLAN #ithin your ho!e( a ,PN
connection !ust be established and used in con-unction #ith an Ac!e appro*ed personal
fire#all solution' nly Ac!e appro*ed WLAN technologies are per!itted #ithin the
enterprise' Use of non.standard hard#are( soft#are and protocols is strictly prohibited'
Systems Management
It is the responsibility of the Net#or$ Ad!inistrator( for Ac!e"s WLAN( to ensure all Access
Points are configured #ith proper settings as defined by the WLAN Syste!.Specific Policy'
This includes but is not li!ited to authentication and encryption configurations' It is the
responsibility of the end.user to ensure that his/her laptop re!ains properly configured as
defined by 0nterprise Wor$station Standards' This includes but is not li!ited to the
configuration of the #ireless supplicant and net#or$ interface card' Ac!e Infor!ation
Security #ill be responsible for defining authentication and encryption re1uire!ents as #ell
as de*elop!ent of necessary co!pliance progra!s' Ac!e reser*es the right to audit any
and all technologies associated #ith its WLAN'
Violations of Policy
In the e*ent of inappropriate use of WLAN technologies( Ac!e reser*es the right to ta$e
#hate*er steps are dee!ed appropriate for the specific situation including( but not li!ited
to( ter!ination of e!ploy!ent and/or legal action' 2uidelines for action include a #arning
for first.ti!e *iolators and for!al notice in e!ployee"s personnel file for additional
occurrences' All *iolations of this policy should be reported to your direct report !anager
#ho #ill in turn report the *iolation to the Infor!ation Security depart!ent'
Policy Review and Modification
This policy #ill be re*ie#ed by Ac!e Infor!ation Security on an annual basis( or as
necessitated by changes in technology( and !odified #here appropriate'
Limitations of Liability
Ac!e assu!es no liability for unauthori)ed acts that *iolate local( state or federal
legislation' In the e*ent that such an act occurs( Ac!e #ill i!!ediately ter!inate its
relationship #ith the *iolator and #ill pro*ide no legal protection or assistance'