AC-18 Wireless Access

Description

Wireless technologies include, for example, microwave, packet radio (UHF/VHF), 802.11x, and Bluetooth. Wireless networks use authentication protocols (e.g., EAP/TLS, PEAP), which provide credential protection and mutual authentication.

Applicability

The TAMU-CC Wireless Access Control applies equally to all groups and individuals that utilize wireless connectivity to access TAMU-CC information resources.

This includes students, faculty, and staff members as well as guest account users, vendors, and research partners.

Implementation

Wireless installation requests should be sent by email message to the Division of IT at ITHelp@tamucc.edu.  

TAMU-CC shall establish the requirements and security restrictions for installing or providing access to the state organization information resources systems, as follows:

  1. Establish usage restrictions, configuration/connection requirements, and implementation guidance for wireless access. The network Custodian shall ensure that all University-provided wireless access shall be password protected and that access to that wireless service shall be linked to an individual through authentication mechanisms; and
  2. Authorize wireless access to the information system prior to allowing such connections.
  3. Wireless Local Area Networks. Ensure that Service Set Identifiers (SSID) values are changed from the manufacturer default setting. Some networks should not include organizational or location information in the SSID. Additional equipment configuration recommendations are included in the Wireless Security Guidelines.
  4. Types of information that may be transmitted via wireless networks and devices with or without encryption including mission critical information or sensitive personal information. TAMU-CC shall not transmit confidential information via a wireless connection to, or from a portable computing device unless encryption methods, such as a Virtual Private Network (VPN), Wi-Fi Protected Access, or other secure encryption protocols that meet appropriate protection or certification standards, are used to protect the information. All users shall ensure that if they send confidential information over any wireless network, either
    1. the data itself is encrypted,
    2. the link is encrypted (e.g., VPN, HTTPS, Secure FTP), or
    3. both the data and link are encrypted.
  5. Prohibit and periodically monitor any unauthorized installation or use of Wireless Personal Area Networks on state organizational IT systems by individuals without the approval of the state organization information resources manager. The network infrastructure Custodian shall routinely scan for unapproved network devices (e.g., rogue wireless access points).

Revision History

Last Updated: February 21, 2025

Previous Versions:

  • June 29, 2023
  • May 31, 2022
  • March 25, 2021
  • September 16, 2019

Chief Information Security and Privacy Officer

Submit a Ticket

News

See All News

Events

See All Events