Networking of Human Safety-Related Devices
The University of North Carolina at Greensboro
Policy Reference: Security of Networks and Networked Data
Approved: November 30, 2006
Document Maintainer: Information Technology Manager, ITS - Data and Voice Operations
Purpose
This procedure addresses the following sections of the related policy:
Section III.H
"Departments within UNCG that wish to establish connectivity to a third party are to file a new site request with ITS. The sponsoring organization must provide ITS with full and complete information as to the nature of the proposed access."
Public network exposure of devices that relate directly to human safety is unacceptable. Human safety risks are mitigated through the application of this procedure.
Scope
This procedure relates to any device that can be networked and that also relates to Human Safety. Examples include but are not limited to Locks, HVAC, Security Cameras, Utility Controls, and Emergency VoIP Phones.
Responsible Parties
- UNCG ITS Networks
- Non-affiliates
- UNCG Employees
Procedure
Criteria
- Summary information detailing the application operation and list of attached devices (peer group) will be provided to ITS by the device owner via Web form to Service Desk via 6-TECH. A peer group consists of all devices/controllers/servers associated with the particular Human Safety Device application.
- Devices that fit the scope of this procedure necessitate a high level of security and have a well-defined peer group of devices required for communications.
- Devices must not require network communications outside of the defined peer group.
- If there is a concern about scope, a meeting will be led by the Director of Data and Voice Operations and will include ITS Network Architecture and Security group who will evaluate needs on a per application basis.
Requirements
- A logically isolated network will be created on a per application (peer group) basis within the UNCG network infrastructure.
- All attached devices will be uniquely identified by ITS in switching closets through labeling.
- Network attached human safety devices must not have any wireless network interfaces.
- Network attached human safety devices must not be dual plumbed into multiple networks.
- Controllers/workstations associated with the human safety peer group application must be certified on a periodic basis by the responsible party as free from any Trojan horse, virus or other Malware according to UNCG Antivirus Software Procedures.
- Application installation and maintenance patches must occur through hard media such as CD-ROM or flash device.