Clear Text Access

1.0 Purpose

This network access Procedure facilitates protection of sensitive and private information including but not limited to computer account numbers, passwords, student, faculty and staff identification information, credit card information, federal and state protected information, etc.

2.0 Scope

This Procedure covers all data communication devices (e.g., hosts, personal computers, PDAs, etc.) connected to any of Appalachian State University's internal networks.

Note: At this time Instant Messaging (IM) is not covered by this poicy.

3.0 Procedure

This Procedure prohibits Untrusted Network access to Appalachian State University Trusted Networks via unsecured Clear Text Access mechanisms such as Telnet, FTP and regular HTTP web logins. To comply with this Procedure, access to Appalachian State University's Trusted Networks must maintain secure encrypted client connectivity.

  1. Secure access methods such as SSH, SCP and HTTPS should be used when sensitive data is transferred between network devices.
  2. VPNs must be used when accessing Trusted Devices from Untrusted Networks (See VPN Procedure).
  3. Telnet access initiated from the Internet will not be allowed.
  4. FTP access will be limited to anonymous or will be severly scrutinized.

4.0 Enforcement

Anyone found to have violated this Procedure may have their network access privileges temporarily or permanently revoked.

5.0 Definitions

Clear Text Access
Any computer access method that transmits non-encrypted (clear text) data.

SCP
A secure application that performs the same basic function as FTP.

SSH
A secure application that performs the same basic function as Telnet.

Trusted Device
A device connected to the on campus network that has been registered for Network use by or for a staff or faculty member using their University Computer User Account. Or devices located in special ITS managed subnets.

Trusted User
Appalachian State University Staff, Faculty, or Third party contractors who have executed a Third Party Connection Agreement.

Trusted Network
All devices registered as default faculty and staff administered and other devices registered in special Trusted VLANs such as Special Purpose and University Administrative subnets.

Untrusted Network
All devices that do not fit the Trusted Network definition, including but not limited to Internet devices.

VPN
Virtual Private Network, a way to extend the corporate/production (trusted) network using authentication and encryption.

6.0 Revision History


Advanced