Network Protection Policy
Published: March, 2010
Revised: March, 2023
The secure management of OMG Network (as such term is defined in the OMG Information Security Charter (the “Charter”) https://www.omahamediagroup.com/isc, which may span organizational boundaries, requires the careful consideration of the flow of information and the regulatory requirements regarding monitoring and protection of Networks. OMG requires that all Network, communications and telecommunications related equipment and devices, including cabling, be installed and maintained by OMG Information Technology (OMGIT).
Capitalized terms used herein without definition are defined in the Charter.
II. Policy History
- The effective date of this Policy is March 30, 2010.
- Reviewed and/or revised March 14, 2023.
III. Policy Text
A. Requirements for System Owners and IT Custodians
This Policy applies to all communications cabling, equipment and infrastructure devices, including but not limited to the following: telecommunications switches, data networking switches and routers, wireless access points, cellular distributed antenna systems, cellular repeaters and/or bi-directional amplifiers, cellular macro sites, cable and satellite television reception and distribution equipment.
A. Standard Requirements
- The following equipment must be installed and maintained by OMGIT:
- Communications cabling, including any permanent cabling and/or cabling between workspaces and rooms intended to be used for voice and data networking or other communications;
- Routers on OMG Network that serve to segment the Network;
- Communications switches and hubs (e.g., Ethernet switches) on OMG Network;
- Wireless Access Point (WAPs) and other wireless devices that provide access to, or bridge, OMG Network;
- Telecommunications equipment (e.g., PBXes, VOIP systems, etc.);
- Cellular telephone (voice and data) communications infrastructure cabling, antennas, and equipment; and
- Cable and satellite television infrastructure cabling, antennas and equipment.
- All Network enabled devices connected to OMG Network (other than Network enabled devices connected to the OMG Network) must use (a) the DHCP to configure Network IP addresses and (b) the DNS protocol for Server information. Network enabled devices connected to the OMG Network must adhere to Network and security procedures.
- OMG IT staff implement the appropriate logging and monitoring of Networks in accordance with the OMG Information Resource Access Control and Log Management Policy https://www.omahamediagroup.com/isc.
- Standard protections are established by the applicable Information Security Office and implemented by OMG IT staff to safeguard the confidentiality and integrity of OMG information passing over public and wireless Networks.
B. Bandwidth Quotas
To maintain Network performance, OMGIT has implemented an automated Network bandwidth quota system. Individual computers may be limited in either the inbound or outbound direction. Limits are imposed only on off-campus traffic to or from the Internet. Traffic on OMG's internal Network and on Internet is not restricted in any way.
The parameters of this system may be changed without prior notice in order to ensure proper functioning of the Network for OMG community.
An exception to the Internet bandwidth limitations may be granted for Servers used for legitimate OMG business through the use of special approval by OMGIT.
C. Waivers and Exceptions
Existing or future Network or communications infrastructure that is not maintained by OMGIT as of the effective date of this Policy may be granted a waiver from the requirements of this Policy with the written approval of OMGIT. A description of the infrastructure and a rationale for the request should be submitted to OMGIT by an Executive Manager. If approved, the exception will be subject to annual review.
IV. Cross References to Related Policies
The Information Security Policies and certain additional documentation are listed in Appendix A hereto.