Information Technology

Wireless Requirements and Procedures

Information Technology (IT) is responsible for ensuring the stability, performance, integrity, and security of the University of Massachusetts Boston (UMass Boston) network infrastructure in support of UMass Boston’s mission of education, research, and service.  Wireless network technologies increasingly play an important role in extending the campus-wide wired data network by reducing the requirements of physical infrastructure, bringing important benefits in convenience, flexibility, and ubiquitous access.  Wireless networking enables users to keep laptop and handheld devices connected to the UMass Boston data network in nontraditional locations (e.g., outdoor spaces).

Most commonly used wireless data network equipment operates within the non-licensed portions of the radio frequency spectrum, which is a finite resource shared by all campus users.  Although the Federal Communications Commission (FCC) does not license or control the use of these frequencies, standards for their use are necessary to prevent radio frequency interference (RFI) that disrupts other devices that legitimately use these frequencies.  For example, the frequencies used by most wireless devices are in the unlicensed 2.4 GHz Industrial, Scientific, and Medical (ISM) band.  Devices legitimately using this band include cordless telephones, PDAs, microwave ovens, sprinkler systems, and traffic signals.  Moreover, in confined and highly populated areas, RFI from incompatible uses of wireless equipment can result in significant service degradation that limits network access by all members of the UMass Boston community.  When deploying wireless services, interference in these frequency bands must be anticipated and dealt with through careful engineering to ensure service quality and reliability for enterprise-wide network use and support.

Wireless network access poses significant risks to campus network security and to the protection, integrity, and reliability of data, including instructional, research, financial, personal, operational, and other sensitive data, that are maintained on or served from university information systems.  These radio transmissions can be intercepted by radio receiving devices and the data captured by individuals without university authorization.  University owned, leased, or operated wireless devices connected to university network infrastructure must be carefully installed and administered to manage these security risks.

The purpose of this wireless policy is to explicate how wireless devices will be installed and operated to protect the integrity, reliability, service quality, and security of the entire UMass Boston network, and to ensure as ubiquitous wireless coverage as possible in public campus spaces for all members of the UMass Boston community.

This UMass Boston policy is in compliance with the Board of Trustees policy T97-010 (passed February 5, 1997; last revised September 23, 2005) Policy Statement on Data Security, Electronic Mail, and Computer Policy Development, which requires that each campus of the University of Massachusetts (UMass) develop and implement policies, standards, and guidelines related to data security, electronic mail, and acceptable use of computing and data resources.  This wireless policy should be read in conjunction with the University of Massachusetts Boston Campus Network and Server Security Policy, which is available online at the IT website.

This policy is subject to change as new technologies and processes emerge.

Definitions

Ad hoc wireless connection – connection of a computer or peripheral to a network without the use of a wireless router or a router and a wireless access point; typically used for smaller networks, such as a home network.
802.xx standard – Institute of Electrical and Electronics Engineers (IEEE) family of networking standards that covers the physical layer specifications of technologies from Ethernet to wireless.  For example, 802.11 covers Wireless Local Area Network Media Access Control and Physical Layer specifications.
Media access control (MAC) address – the unique identifier attached to most network devices for security purposes.
Strong password – passwords easily guessed by an authorized user or computer are known as weak or vulnerable passwords; passwords very difficult or impossible to guess are considered strong.  A strong password is sufficiently long, random, and producible only by the user who chose it.  It is recommended that passwords use a combination of lower and upper case letters, digits, and symbols (e.g., w5Prti%3T).
UMass Boston computers and networked resources – include all computers and network resources (e.g. routers, switches, print servers, remote access servers) owned, leased, or operated by or on behalf of UMass Boston, as well as all systems directly connected to IT-maintained networks or systems on networks that receive network service from UMass Boston (e.g., campus local area network connections, modem pools, virtual private network connections).
Wireless access point (WAP) –spread spectrum radiofrequency wireless device or technology that provides a common connection point for devices in a wireless network.  A WAP uses transmit and receive antennas instead of plug in connector ports for access by multiple users of the wireless network.  A WAP can be connected to the wired network to bridge between the campus backbone and a wireless network.  A WAP that is connected to the UMass Boston network but not managed by IT is known as an independent WAP.
Wireless client – hardware and software that is installed in a desktop, laptop, handheld, portable, or other computing device to allow it to communicate with a WAP, providing an interface to a wireless network.
Wireless network or wireless local area network (WLAN) – type of computer network spanning a relatively small area (e.g., a single building or group of buildings) that uses high frequency radio waves rather than wire to communicate between nodes (e.g., computer, printer, wired network).

Statement of Policy

As the central support entity for the UMass Boston campus-wide wired and wireless data networks, IT is assigned the following responsibilities and authority concerning the deployment and use of university owned, leased, or operated wireless devices:

Recommended Wireless Computing Habits

The risks of wireless communications can be minimized through good wireless computing habits.  Following the guidelines below will decrease these risks.