Network Security Policy
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
This is a page concerning a policy or procedure in development.
Once fleshed out, we'll consider it for adoption as official policy at Free Geek.
Policy
Discussed by Technocrats (link needed).
(The wording is from the most recent agreed upon policy - starting from an RT ticket.)
- No infrastructure computer, including staff workstations or laptops, may retain a default or easily guessed username and password, including but not limited to "oem", "admin", "guest", "freegeek", "password", etc..
- No infrastructure computer, including staff workstations, shall have additional login services installed, such as ssh-server, without approval from the Technocrats committee.
- Infrastructure systems do not include computers being built and tested in the build programs or systems being diagnosed and repaired in Tech Support, nor do they include laptops brought in for short periods during our normal hours of operations for internet access.
Systems running anything other than Linux OS shall be limited to the wireless (insecure) network unless authorized by the Technocrats.- All infrastructure systems running on the secure network must be running an operating system authorized by by the Technocrats.
- No system running dhcp-server or any similar services may be connected to any part of Free Geek's network without approval from the Technocrats.
- No wireless access points may be attached to Free Geek's network unless approved by the Technocrats.
Notes
Include some or all of:
- the current process for complying with this policy
- Related policies
- Interpretation/Implementation/Commentary
- Examples/Background/History
- Exceptions/Ramifications
- Etc...