Local Area Network (LAN) Security, Integrity, and Reliability
Planning Guidelines
The following guidelines suggest items you should consider when planning for a secure local area network (LAN). While not all items listed here may apply to your area's situation, you should be aware that ignoring them could invite potential security problems, especially as your network grows and you gain greater access to shared computing resources (and more people gain access to your network).
Physical and Environmental Security
Servers should be located in a physically secure area accessible only to the network administrators.
Where every workstation may be used as a server, all devices should be under supervision when in use, and should be physically secured when not in use.
Transmission media (cables and connectors) should be covered and protected to ensure they cannot be tapped by unauthorized personnel or devices. Transmission media should be physically secured (in conduits, trenches, ducts, etc.) to prevent electronic eavesdropping.
Hardware and storage media should be protected from excessive dust, dirt, heat and moisture.
Hardware and storage media should be protected from power surges, electrostatic discharges, and magnetism. There should be an uninterruptable power supply attached to the server.
Combustible materials should not be stored near network equipment.
Fire and smoke detectors should be installed near network equipment.
Carbon dioxide fire extinguishers should be located near network equipment.
Power cords should be covered to ensure they are not a hazard.
Cables and connectors should be installed in accordance with University standards and the National Electrical Code and the National Fire Protection Code.
Sensitive, confidential, or critical documentation, files, and software should be stored in a fireproof safe when not in use.
Network Operating System (NOS)
Access to NOS software, files, and commands should be controlled and appropriately restricted.
It may be helpful to be able to uniquely identify each node attached to the network.
The network should provide the ability to audit (log) network activity when an actual security threat has been identified.
The network should provide the ability to produce various reports on network utilization and on audited events.
Access privileges granted for data files (for example, read, modify, create, and delete files) should be controlled and limited to only what is necessary. Data should be available only to users who are authorized to access those data.
Access privileges granted for programs and applications (for example, execute only, read, update, create and delete, etc.) should be controlled and limited to only what is necessary. Access to powerful utility programs should be controlled, and their use monitored.
Each authorized user of the network should be uniquely identified.
The network should authenticate (by requiring a password, for example) each authorized user.
Users should be able to change their passwords.
Users should be required to change their passwords at a predefined interval.
Passwords associated with special privileges, such as the administrator’s login, should be changed more frequently.
Passwords should not be displayed.
As the technology becomes available, passwords should be transmitted over the network in a secure (encrypted) format rather than in the clear.
A certain number of unsuccessful login attempts should result in the suspension of the login ID.
Users should be automatically logged out or the workstation should be locked after a period of nonuse to prevent unauthorized access.
Access to University data or files classified as sensitive, confidential, or critical should be controlled appropriate to their classification.
All data classified as sensitive that is transmitted over the network should be encrypted if encryption is available.
An audit trail of all station additions and deletions should be maintained.
For authorized personnel, security tables and files should be easy to maintain.
Additions and changes to the security tables and files should be effective immediately.
The software should provide the ability to delegate administration of some functions and some users in such a way that the sub-administrator can be assigned responsibility for those portions of the security tables and files which directly affect his or her department or unit.
Adequate network administration resources (manuals, vendor support, etc.) should be available.
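As an added illustration (not part of the original guidelines), the following Python sketch shows how the login-control items above fit together: hashed rather than displayed passwords, expiry at a predefined interval with a shorter one for administrator logins, suspension after a number of failed attempts, a lock after a period of nonuse, and an audit trail of the events. The thresholds are assumed values, since the guidelines leave the actual numbers to the site.

```python
import hashlib, hmac, os, time

MAX_FAILED_ATTEMPTS = 5          # assumed threshold; the guidelines leave the number to the site
PASSWORD_MAX_AGE = 90 * 86400    # assumed: ordinary users must change every 90 days
PRIVILEGED_MAX_AGE = 30 * 86400  # assumed: administrator logins change more often (30 days)
IDLE_TIMEOUT = 15 * 60           # assumed: lock the workstation after 15 minutes of nonuse

AUDIT_LOG = []                   # in a real NOS this would be a protected, append-only log file

def audit(event, user):
    AUDIT_LOG.append((int(time.time()), event, user))

def hash_password(password, salt=None):
    # Passwords are never stored or displayed in the clear; only a salted hash is kept.
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:
    def __init__(self, user_id, password, privileged=False, now=None):
        self.user_id = user_id          # each authorized user is uniquely identified
        self.privileged = privileged
        self.failed = 0
        self.suspended = False
        self.set_password(password, now)
    def set_password(self, password, now=None):
        self.salt, self.digest = hash_password(password)
        self.changed_at = now if now is not None else time.time()
    def password_expired(self, now):
        max_age = PRIVILEGED_MAX_AGE if self.privileged else PASSWORD_MAX_AGE
        return now - self.changed_at > max_age
    def login(self, password, now):
        if self.suspended:
            audit("login_refused_suspended", self.user_id); return False
        _, digest = hash_password(password, self.salt)
        if not hmac.compare_digest(digest, self.digest):
            self.failed += 1
            audit("login_failed", self.user_id)
            if self.failed >= MAX_FAILED_ATTEMPTS:   # suspend the login ID, not just deny
                self.suspended = True
                audit("login_id_suspended", self.user_id)
            return False
        self.failed = 0
        if self.password_expired(now):               # correct password, but change is overdue
            audit("password_change_required", self.user_id)
            return "change_password"
        audit("login_ok", self.user_id)
        return True

def session_locked(last_activity, now):
    # True once the workstation has been idle for the configured period.
    return now - last_activity >= IDLE_TIMEOUT
```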
Data and Software Backup
Regular backups of production software should be done, with backup tapes kept in a secured location protected from environmental hazards and unauthorized use. Periodic backup copies of the entire system should be made, as well as selected backup copies of specific files as needed.
Backup procedures should be documented.
External labels should be used to identify the contents of backups.
Data sensitivity and security should be monitored during recovery from a backup, and should be reinstated once recovery is complete, i.e., access rights should be restored.
Alternative processing methods for critical functions should be available in case LAN services are disrupted for extended periods.
Network Administration
Managers and supervisors within the departments using the LAN should understand the importance of LAN security, and should communicate that information to departmental personnel.
Network administrators should be trained, and a backup administrator should be identified.
Access privileges for transferred or terminated employees or employees on leave should be reviewed and adjusted.
Network administration functions should be limited to specific users and to specific network nodes.
A current inventory of workstation and file server hardware and software should be maintained.
Users should be aware of the license and contract restrictions that affect their use of the LAN.
Copyrighted software and documentation should not be copied, and concurrent access to single-user software should not be allowed on the LAN.
Users should be informed about their responsibilities for equipment, software, data security, and copyrighted material.
Requests to develop or change programs and files should be approved by authorized personnel.
Adequate documentation of system administration procedures, parameters, and maintenance activities should be maintained. Contact information should be available for vendors or others who have agreed to provide network maintenance.
A disaster recovery plan should be in place that lists symptoms, possible causes, preventative measures, and recovery steps for such disasters as power outage, server failure, tape backup unit failure, application software failure, NOS upgrade failure, cabling failure, client failure, and virus attack.
Procedures should be in place to ensure that all modifications to routing tables and translator tables are properly authorized, that such changes are made only by authorized personnel, that changes are tested prior to implementation, and that an adequate audit trail exists to document all modifications.
Procedures for changing or updating existing programs and files should be established and maintained. Vendor-supplied software changes and updates should be tested, installed, and distributed where appropriate.
Users should be informed of changes, such as new software versions, and of the effects of those changes.
Users should be informed about any restrictions on using hardware and software for personal use.
Communication Controls
Access to interconnection devices (gateway servers, routers, bridges, etc.) should be limited to authorized users only.
Monitoring systems should be in place to detect unauthorized access attempts.
Interconnection device access should terminate automatically if unauthorized use is detected.
Interconnection device access should be disabled after hours.
Access to the communication devices’ configuration files and tables should be restricted to only authorized network administrators.
Appendix—Data Element Security Classifications
This list summarizes information from Policy #71.1 in the Administrative Computing Security Policies Manual.
Public
Data elements that are used to record official University transactions, appointments, or assignments which are regularly released to the public.
Private/Confidential
Data elements that are not designated as being public and which do not fall within the more restricted category of sensitive.
Sensitive
Data elements which are used to record information
a) that pertains to an individual’s personal beliefs or behavior, race, national origin, or financial status; or
b) that is generated in a relationship that is administratively or legally privileged; or
c) that describes the state of an individual’s physical or emotional well-being; or
d) that describes the methods or procedures used to safeguard assets or maintain the integrity of administrative data.