information security: logon banner standard

III-7 Case Logon Banner Standard

Overview

Version 1.0
Last Revision Date: May 20, 2011
Approval Date: August 30, 2007
Approval Authority: Case Chief Information Security Officer

Purpose

The Case logon banner policy standardizes the implementation of logon banners for IT systems in the University's computing environment.

Scope

This policy applies to all information technology systems that process information at Tier 2 and Tier 3.  This also applies to all systems that use the Case network infrastructure.

Cancellation

Not applicable.

Policy Statement

General

All IT systems that display a user login which is visible to the general public shall display the University's login banner. The banner notifies any person encountering or using Case IT resources of the requirement to adhere to the Case Acceptable Use Policy. The banner also serves to notify any person who accesses a Case system of the private nature of our networked environments, and that monitoring is taking place to ensure authorized use only.

Network Applications and General Desktop Use

The standard login banner is:

Warning!

This is a private system.  Unauthorized access to or use of this system  is strictly prohibited. By continuing, you acknowledge your awareness of and concurrence with the Acceptable Use Policy of Case Western Reserve University.  Unauthorized users may be subject to criminal prosecution under the law and are subject to disciplinary action under University policies.

It is understood that not all warning banner implementations will support a direct linkage to the Acceptable Use Policy, but for web-service based logins, the banner shall include the hyperlink in the text.

Handheld Computing Devices

Many handheld devices have a smaller buffer space for a banner message. The modified banner for handheld devices (Blackberry, WinCE, PalmOS, etc. ) is:

Warning! This device is the property of Case Western Reserve University. Unauthorized access to or use of this device is prohibited and may subject you to legal prosecution of disciplinary action.

Responsibility

Systems administrators are responsible for implementing warning banners where applicable in their systems. This includes, for example, remote access banners for ssh, ftp, or nfs services.

Definitions

Banner: a text display message that is presented to a users via either the graphical or command line interface.

Blackberry: A handheld computing device that runs the RIM Blackberry OS. These devices often include cellular telephone, email, and calendar software and services.

WinCE: A handheld computing device that runs the Windows Mobile OS.

PalmOS: A handheld computing device that runs the PalmOS.

Standards Review Cycle

This standard will be reviewed every two years on the anniversary of the policy effective date, at a minimum. The standard may be reviewed on a more frequent basis depending on changes of risk exposure.

© 2013 Case Western Reserve University
Cleveland, OH 44106
216.368.2000
 
Information Technology Services
(legal notice)
 
Contact website owner
 
Contact our service desk
CWRU ITS Social Networks
Translate this page

Share |