Please note that as this policy is periodically reviewed and updated, if you print it from the website, its accuracy cannot be guaranteed for more than a 24-hour period following printing.
The purpose of this standard is to secure and protect the information assets owned by Hampshire Fire and Rescue Service (HFRS). HFRS provides computer devices, networks, and other electronic information systems to meet missions, goals, and initiatives. HFRS grants access to these resources as a privilege and must manage them responsibly to maintain the confidentiality, integrity, and availability of all information assets.
This standard specifies the technical requirements that wireless infrastructure devices must satisfy to connect to a HFRS network. Only those wireless infrastructure devices that meet the requirements specified in this standard or are granted an exception by the Information Security Team are approved for connectivity to a HFRS network.
All employees, contractors, consultants, temporary and other workers at HFRS, including all personnel affiliated with third parties that maintain a wireless infrastructure device on behalf of HFRS, must adhere to this standard. This standard applies to all wireless infrastructure devices that connect to a HFRS network or reside on a HFRS site that provide wireless connectivity to endpoint devices including, but not limited to: laptops, desktops, smart phones, tablet PCs and personal digital assistants (PDAs). This includes any form of wireless communication device capable of transmitting packet data.
The HFRS Information Security Forum must approve exceptions to this policy in advance.
All wireless infrastructure devices that connect to a HFRS network or provide access to HFRS Confidential or HFRS Restricted information must:
- Use Extensible Authentication Protocol-Fast Authentication via Secure Tunneling (EAP-FAST), Protected Extensible Authentication Protocol (PEAP), or Extensible Authentication Protocol-Translation Layer Security (EAP-TLS) as the authentication protocol.
- Use Temporal Key Integrity Protocol (TKIP) or Advanced Encryption System (AES) protocols with a minimum key length of 128 bits.
- Development device Service Set Identifier (SSID) must be different from HFRS production device SSID.
- Broadcast of development device SSID must be disabled.
All home wireless infrastructure devices that provide direct access to a HFRS network, such as those behind Enterprise Remote worker (ECR) or hardware VPN, must adhere to the following:
- Enable WiFi Protected Access Pre-shared Key (WPA-PSK), EAP-FAST, PEAP, or EAP-TLS.
- When enabling WPA-PSK, configure a complex shared secret key (at least 8 characters) on the wireless access point.
- Disable broadcast of SSID.
- Change the default SSID name.
- Change the default login and password for the configuration page.
This standard is part of the Wireless Communication Policy and failure to conform to the standard is a violation of the policy. Any employee found to have violated the policy may be subject to disciplinary action, up to and including termination of employment. Any violation of the policy by a temporary worker, contractor or vendor may result in the termination of their contract or assignment with HFRS.
| Term | Definition |
|---|---|
| AES | Advanced Encryption System. |
| HFRS Network | A wired or wireless network, including indoor and outdoor networks, that provides connectivity to corporate services. |
| Corporate connectivity | A connection that provides access to an HFRS network. |
| EAP-FAST | Extensible Authentication Protocol-Fast Authentication via Secure Tunneling: authentication protocol for wireless networks. |
| Enterprise Class Remote worker (ECR) | An end-to-end hardware VPN solution for Remote worker access to the HFRS network. |
| Information assets | Information that is collected or produced and the underlying hardware, software, services, systems, and technology that is necessary for obtaining, storing, using, and securing that information which is recognized as important and valuable to an organization. |
| PEAP | Protected Extensible Authentication Protocol, a protocol used for transmitting authentication data, including passwords, over 802.11 wireless networks. |
| Service Set Identifier (SSID) | A set of characters that give a unique name to a wireless local area network. |
| TKIP | Temporal Key Integrity Protocol, an encryption key that's part of WPA. |
| WPA-PSK | WiFi Protected Access pre-shared key. |