Difference between revisions of "Network Security Policy"
Jump to navigation
Jump to search
(→Policy: dumped content from 20161) |
|||
Line 2: | Line 2: | ||
{{Policy Header | {{Policy Header | ||
| PolicyName = {{PAGENAME}} | | PolicyName = {{PAGENAME}} | ||
− | | notes = | + | | notes = Security of our network. |
}} | }} | ||
==Policy== | ==Policy== | ||
− | '' | + | ''Discussed by Technocrats (link needed).'' |
* Wording of the most recent agreed upon policy - as agreed upon | * Wording of the most recent agreed upon policy - as agreed upon | ||
− | from | + | from [[FGRT:20161]] |
− | + | * No infrastructure computer, including staff workstations/laptops, may retain a default or easily guessed username/password, including but not limited to "oem", "Admin", "guest", "freegeek", etc.. | |
− | retain | + | * No infrastructure computer, including staff workstations, shall have additional login services installed, such as ssh-server, without approval from the Technocrats committee. |
− | a default or easily guessed username/password, including but not limited to | + | * Infrastructure systems do not include computers being built and tested in the build programs or systems being diagnosed and repaired in Tech Support, nor do they include laptops brought in for short periods during our normal hours of operations for internet access. |
− | oem | + | * <s>All systems running on the sanything other than Linux OS shall be limited to the wireless (insecure) network unless authorized by the Technocrats.</s> |
− | + | * All infrastructure systems running on the secure network must be running an operating system authorized by by the Technocrats. | |
− | + | * No system running dhcp-server or any similar services may be connected to any part of Free Geek's network without approval from the Technocrats. | |
− | additional login services installed, such as ssh-server, without | + | * No wireless access points may be attached to Free Geek's network unless approved by the Technocrats. |
− | approval from | ||
− | the Technocrats. | ||
− | |||
− | |||
− | the | ||
− | |||
− | |||
− | wireless (insecure) network unless authorized by the Technocrats. | ||
− | |||
− | |||
− | any part of Free Geek's network without approval from the Technocrats. | ||
− | |||
− | |||
− | approved by the Technocrats. | ||
==Notes== | ==Notes== |
Revision as of 14:28, 6 November 2010
This is a page concerning a policy or procedure in development.
Once fleshed out, we'll consider it for adoption as official policy at Free Geek.
Policy
Discussed by Technocrats (link needed).
- Wording of the most recent agreed upon policy - as agreed upon
from FGRT:20161
- No infrastructure computer, including staff workstations/laptops, may retain a default or easily guessed username/password, including but not limited to "oem", "Admin", "guest", "freegeek", etc..
- No infrastructure computer, including staff workstations, shall have additional login services installed, such as ssh-server, without approval from the Technocrats committee.
- Infrastructure systems do not include computers being built and tested in the build programs or systems being diagnosed and repaired in Tech Support, nor do they include laptops brought in for short periods during our normal hours of operations for internet access.
All systems running on the sanything other than Linux OS shall be limited to the wireless (insecure) network unless authorized by the Technocrats.- All infrastructure systems running on the secure network must be running an operating system authorized by by the Technocrats.
- No system running dhcp-server or any similar services may be connected to any part of Free Geek's network without approval from the Technocrats.
- No wireless access points may be attached to Free Geek's network unless approved by the Technocrats.
Notes
Include some or all of:
- the current process for complying with this policy
- Related policies
- Interpretation/Implementation/Commentary
- Examples/Background/History
- Exceptions/Ramifications
- Etc...