Content

Wireless Security Policy

PURPOSE

The purpose of this Policy is to secure and protect LightForce Orthodontics electronic information assets from wireless security threats. LightForce provides wireless network connectivity and must manage wireless infrastructure devices responsibly to maintain the confidentiality, integrity and availability of all information assets. This Policy specifies the conditions that wireless infrastructure devices must satisfy to connect to the LightForce Orthodontic network.

SCOPE

All employees, contractors, consultants and service providers must adhere to this Policy. In addition, this Policy applies to all affiliated and non-affiliated third parties that use the LightForce wireless infrastructure. This Policy applies to all wireless infrastructure devices that connect to a LightForce network or that provide wireless connectivity to endpoint devices including, but not limited to, laptops, desktops, mobile phones and tablets. This includes any form of wireless communication device capable of transmitting packet data.

POLICY

Responsibility for electronic communication resources resides with the IT Department. All wireless infrastructure devices that reside at LightForce and connect to a LightForce network, or provide access to sensitive LightForce information must:

  • Abide by Standards for Wireless Security
  • Use LightForce-approved authentication protocols and infrastructure
  • Use LightForce-approved encryption protocols
  • Maintain a static hardware address (MAC address) that can be registered and tracked. I.E. no Private Browsing/Dynamic MAC Addresseing

COMPLIANCE AND REPORTING

The IT Department enforces this Policy and the related Standards at all times. Anyone who has reason to suspect a deliberate and / or significant violation of this Policy is encouraged to promptly report it to the IT Help Desk. Policy violations will be assessed, and action taken to remediate the violation subject to collective agreements and / or other contractual conditions. Where Policy violations are considered severe and / or cannot be easily remediated, the incident will be escalated to the VP of Engineering for further action.