Overview
Version 1.0
Last Revision Date: August 30, 2007
Approval Date: August 30, 2007
Approval Authority: Case Chief Information Security Officer
Purpose
The Case logon banner policy standardizes the implementation of logon
banners for IT systems in the University's computing environment.
Scope
This policy applies to all information technology
systems that process information at Tier
2 and Tier 3. This also applies to all systems that use the
Case network infrastructure.
Cancellation
Not applicable.
Policy Statement
General
All IT systems that display a user login which is visible to the
general public shall display the University's login banner. The
banner notifies any person encountering or using Case IT resources of
the requirement to adhere to the Case Acceptable Use
Policy. The banner also serves to notify any person who
accesses a Case system of the private nature of our networked
environments, and that monitoring is taking place to ensure authorized
use only.
Network Applications and General Desktop Use
The standard login banner is:
Warning!
This is a private
system. Unauthorized access to or use of this system is
strictly prohibited. By continuing, you acknowledge your awareness
of and concurrence with the
Acceptable Use Policy of Case Western Reserve University.
Unauthorized users may be subject to criminal prosecution under the law
and are subject to disciplinary action under University policies.
It is understood that not all warning banner implementations will
support a direct linkage to the Acceptable Use Policy, but for
web-service based logins, the banner shall include the hyperlink in the
text.
Handheld Computing Devices
Many handheld devices have a smaller buffer space for a banner
message. The modified banner for handheld devices (Blackberry,
WinCE, PalmOS, etc. ) is:
Warning! This device
is the property of Case Western Reserve University. Unauthorized
access to or use of this device is prohibited and may subject you to
legal prosecution of disciplinary action.
Responsibility
Systems administrators are responsible for implementing warning banners
where applicable in their systems. This includes, for example,
remote access banners for ssh, ftp, or nfs services.
Definitions
Banner: a text display message that is presented to a users via
either the graphical or command line interface.
Blackberry: A handheld computing device that runs the RIM
Blackberry OS. These devices often include cellular telephone,
email, and calendar software and services.
WinCE: A handheld computing device that runs the Windows Mobile OS.
PalmOS: A handheld computing device that runs the PalmOS.
Standards Review Cycle
This standard will be reviewed every two years on
the anniversary of the policy effective date, at a minimum. The
standard may be reviewed on a more frequent basis depending on changes
of risk exposure.
|
