Authorized Network Devices

IIT policy regarding authorized access to the SoP network

  1. Introduction. Federal laws such as HIPAA and FERPA and recommendations made by computer security organizations such as SANS require that organizations take steps to prevent unauthorized access to their networks. Unauthorized access can lead to hacking, loss of network services, theft of data, or other events detrimental to an organization. To mitigate unauthorized network access, the University of Wisconsin-Madison School of Pharmacy adopts the following policy regarding unauthorized access.
  2. Definitions.
    • SoP: the University of Wisconsin-Madison School of Pharmacy.
    • Wireless Network: the network in Rennebohm Hall through which computers communicate using radio signals. The wireless network is under the jurisdiction of and is maintained by the UW-Madison Division of Information Technology (DoIT). People using the wireless network must authenticate to it using their campus NetID and password. Communication through a datajack may also use the campus wireless network, if that data jack is configured to do so.
    • SoP (or “Wired”) Network: the network accessed by physically plugging a computing or network device into a data jack in Rennebohm Hall. This is the network that we need to protect from unauthorized access. This network is protected with a firewall, and is accessed only through a properly configured datajack, not the campus wireless network.
    • Data Jack: a telephone-like socket into which one may plug a computer or other device for network access.
  3. Policy.
    • This policy does not apply to devices using the School of Pharmacy’s wireless network. The wireless network is separate from the “wired” network. The “wired” network is protected from the wireless network by a firewall device.
    • The School of Pharmacy will allow only those devices approved by its IIT staff to connect to its network. Examples of “approved” devices can include, but are not limited to, computer workstations, lab instruments, network hubs or routers, or personal computers (in particular, those brought in by visiting faculty, lecturers, or graduate students).
    • To prevent unauthorized devices from using the SoP network, SoP IIT staff will configure data jacks so that only specific devices can communicate through them with the network. Without this configuration, it is possible to unplug an authorized device, and plug in an unauthorized device.
    • IIT staff will configure data jacks located in public areas, such as classrooms, conference rooms, or student areas, so that they are either inactive (preventing access) or use the campus wireless network (requiring authentication).
    • IIT staff will configure data jacks in research labs so that only specific, authorized devices can communicate through the data jacks.
    • We may alter this policy in the future as needed to meet new and unforeseen events.
    • SoP IIT staff will immediately remove any unauthorized devices attached to the SoP Network upon discovery or notification.