Unauthorized Network Device Restriction Policy
Version 1.0
For Students, Faculty, Staff, Guests, Alumni
Purpose
The purpose of this policy is to protect the confidentiality, integrity, and availability of the University's IT Resources by prohibiting the connection and extension of network devices to any of the University's networks that the Office of Information Technology does not authorize.
Scope
This IT security policy, and all policies referenced herein, shall apply to all members of the University community, including faculty, students, administrators, staff, alumni, authorized guests, delegates, and independent contractors (the "User(s)" or "you") who use, access, or otherwise employ, locally or remotely, the University's IT Resources, whether individually controlled, shared, stand-alone, or networked.
Policy Statement
- Connecting infrastructure network devices (e.g., hubs, routers, switches, access points) to the University's network is strictly prohibited unless explicitly authorized by the Office of Information Technology.
- All network devices connected to the University's networks must be configured and installed by the Office of Information Technology and other authorized parties.
- Requests for connectivity for additional devices must be submitted for review and approval via the University’s ticketing system.
- Any unauthorized network device found connected to the University's network will be subject to removal or disconnection.
- Users responsible for such connections may face disciplinary actions as detailed in the Acceptable Uses of IT Infrastructure and Resources Policy Statement
- Exceptions to this policy may be granted on a case-by-case basis.
- Requests for exceptions must be submitted to the University’s ticketing system.
- The Office of Information Technology reviews requests based on the security implications and the operational needs of the requesting party.
Definitions
IT Resources include computing, networking, communications, applications, telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and related materials and services.
Related Policies and Procedures
- Acceptable Use of IT Infrastructure and Resources
- Firewall/Access Control List Policy
- Wireless Use Policy
Implementation Information
| Review Frequency: | Triennial |
|---|---|
| Responsible Person: | Senior Director of IT Security and Assurance |
| Approved By: | CISO |
| Approval Date: | April 27, 2026 |
Revision History
| Version: | Date: | Description: |
|---|---|---|
| 1.0 | 04/27/2026 | Initial document |
Policy Disclaimer Statement
Deviations from policies, procedures, or guidelines published and approved by Information Security and Assurance (ISA) will only be considered cooperatively between ISA and the requesting entity with sufficient notice to allow for conducting appropriate risk analysis, documentation, review, and notification to authorized University representatives where necessary. Failure to adhere to ISA written policies may be met with University sanctions up to and including dismissal.