Network Security Policy

From FreekiWiki
Jump to: navigation, search

This is a page concerning a policy or procedure in development.
Once fleshed out, we'll consider it for adoption as official policy at Free Geek.

Network Security Policy: Security of our network.
List of Policies - Policy Development


Policy

Discussed by Technocrats (link needed).

(The wording is from the most recent agreed upon policy - starting from an RT ticket.)

  • No infrastructure computer, including staff workstations or laptops, may retain a default or easily guessed username and password, including but not limited to "oem", "admin", "guest", "freegeek", "password", etc..
  • No infrastructure computer, including staff workstations, shall have additional login services installed, such as ssh-server, without approval from the Technocrats committee.
  • Infrastructure systems do not include computers being built and tested in the build programs or systems being diagnosed and repaired in Tech Support, nor do they include laptops brought in for short periods during our normal hours of operations for internet access.
  • Systems running anything other than Linux OS shall be limited to the wireless (insecure) network unless authorized by the Technocrats.
  • All infrastructure systems running on the secure network must be running an operating system authorized by by the Technocrats.
  • No system running dhcp-server or any similar services may be connected to any part of Free Geek's network without approval from the Technocrats.
  • No wireless access points may be attached to Free Geek's network unless approved by the Technocrats.

Notes

Include some or all of:

  • the current process for complying with this policy
  • Related policies
  • Interpretation/Implementation/Commentary
  • Examples/Background/History
  • Exceptions/Ramifications
  • Etc...