III-7 Case Logon Banner Standard
Last Revision Date: May 20, 2011
Approval Date: August 30, 2007
Approval Authority: Case Chief Information Security Officer
The Case logon banner policy standardizes the implementation of logon banners for IT systems in the University's computing environment.
This policy applies to all information technology systems that process information at Tier 2 and Tier 3. This also applies to all systems that use the Case network infrastructure.
All IT systems that display a user login which is visible to the general public shall display the University's login banner. The banner notifies any person encountering or using Case IT resources of the requirement to adhere to the Case Acceptable Use Policy. The banner also serves to notify any person who accesses a Case system of the private nature of our networked environments, and that monitoring is taking place to ensure authorized use only.
Network Applications and General Desktop Use
The standard login banner is:
This is a private system. Unauthorized access to or use of this system is strictly prohibited. By continuing, you acknowledge your awareness of and concurrence with the Acceptable Use Policy of Case Western Reserve University. Unauthorized users may be subject to criminal prosecution under the law and are subject to disciplinary action under University policies.
It is understood that not all warning banner implementations will support a direct linkage to the Acceptable Use Policy, but for web-service based logins, the banner shall include the hyperlink in the text.
Handheld Computing Devices
Many handheld devices have a smaller buffer space for a banner message. The modified banner for handheld devices (Blackberry, WinCE, Palm OS, etc. ) is:
Systems administrators are responsible for implementing warning banners where applicable in their systems. This includes, for example, remote access banners for ssh, ftp, or nfs services.
Banner: a text display message that is presented to a users via either the graphical or command line interface.
Blackberry: A handheld computing device that runs the RIM Blackberry OS. These devices often include cellular telephone, email, and calendar software and services.
WinCE: A handheld computing device that runs the Windows Mobile OS.
Palm OS: A handheld computing device that runs the Palm OS.
Standards Review Cycle
This standard will be reviewed every two years on the anniversary of the policy effective date, at a minimum. The standard may be reviewed on a more frequent basis depending on changes of risk exposure.