With the mass explosion of smart p[hones and tablets, pervasive wireless connectivity is almost a given at any organization. Insecure wireless configuration can provide an easy open door for malicious threat actors.

The purpose of this policy is to secure and protect the information assets owned by CrowdFiber. CrowdFiber provides computer devices, networks, and other electronic information systems to meet missions, goals, and initiatives. CrowdFiber grants access to these resources as a privilege and must manage them responsibly to maintain the confidentiality, integrity, and availability of all information assets.

This policy specifies the conditions that wireless infrastructure devices must satisfy to connect to the CrowdFiber network. Only those wireless infrastructure devices that meet the standards specified in this policy or are granted an exception by the Information Security Department are approved for connectivity to a CrowdFiber network.

General Requirements

All wireless infrastructure devices that reside at a CrowdFiber site and connect to a CrowdFiber network, or provide access to information classified as CrowdFiber Confidential, or above must:

  • Abide by the standards specified in the Wireless Communication Standard.
  • Be installed, supported, and maintained by an approved support team.
  • Use CrowdFiber approved authentication protocols and infrastructure.
  • Use CrowdFiber approved encryption protocols.
  • Maintain a hardware address (MAC address) that can be registered and tracked.
  • Not interfere with wireless access deployments maintained by other support organizations.

Lab and Isolated Wireless Device Requirements

All lab wireless infrastructure devices that provide access to CrowdFiber Confidential information, or above, must adhere to General Requirements listed above. Lab and isolated wireless devices that do not provide general network connectivity to the CrowdFiber network must:

  • Be isolated from the corporate network (that is it must not provide any corporate connectivity) and comply with the Lab Security Policy.
  • Not interfere with wireless access deployments maintained by other support organizations.

Home Wireless Device Requirements

  • Wireless infrastructure devices that provide direct access to the CrowdFiber corporate network, must conform to the Home Wireless Device Requirements as detailed in the Wireless Communication Standard.
  • Wireless infrastructure devices that fail to conform to the Home Wireless Device Requirements must be installed in a manner that prohibits direct access to the CrowdFiber corporate network. Access to the CrowdFiber corporate network through this device must use standard remote access authentication.