1306. Network Connection (Pending Approval)

Summary

This policy defines the requirements for attaching any device to the Montana Tech network. The goal is to maintain a high-performance environment while protecting University data. This applies to all faculty, staff, students, guests and members of the Montana Bureau of Mining and Geology.

Body

Subject:

Information Technology (IT)

Policy:

1306. Network Connection Policy

Revised:

02/24/2026

Effective Date:

< 2017

Review Date:

04/27/2026

Responsible Party:

Information Technology

Introduction and Purpose:

This policy defines the requirements for attaching any device to the Montana Tech network. The goal is to maintain a high-performance environment while protecting University data. This applies to all faculty, staff, students, guests and members of the Montana Bureau of Mining and Geology.

 

Policy:

This policy describes the requirements and constraints for attaching a computer to the Montana Tech local area network (LAN). All computers installed on the Montana Tech network fall under the authority and responsibility of Network Services, and as such, they must meet minimum security requirements.  This policy intends to ensure that all systems installed on the Montana Tech network are maintained at appropriate levels of security while at the same time not impeding the ability of Montana Tech users and support staff to perform their work.

 

Procedures:

Device Classification:

Managed (Secured) Systems
Devices owned by Montana Tech and managed by Information Technology.

Unmanaged (BYOD) Systems
Privately owned devices (laptops, phones) not managed by IT. These systems are the sole responsibility of the owner for maintenance and security.

Restricted Network Hardware
The installation of unauthorized networking equipment (e.g., personal routers, wireless access points, unmanaged switches) is strictly prohibited.

  • Unauthorized hardware will be immediately disabled by Network Services.
  • Legitimate research needs for specialized networking must be approved by Network Services.

Device & Connection Standards

Wired Connectivity (Ethernet)

Wired access is regulated based on the physical location and the type of device:

  • Academic & Administrative Zones: Reserved exclusively for Managed (Secure) Systems. Personal devices are prohibited from these ports.
  • Residential Zones (Dorms): Students may connect personal devices (laptops, gaming consoles). Access is "Plug-n-Play," but limited to the physical ports provided.

Wireless Access (Wi-Fi)

Wi-Fi is the primary connection point for all unmanaged (BYOD) systems.

  • Authenticated Access: Users must log in with official Montana Tech credentials (e.g. eduroam, mtdorms).
  • Guest Access: Isolated for visitors; limited to internet browsing only (mtguest).

Prohibited Hardware & Services

To prevent interference and security breaches, the following are strictly prohibited on the Montana Tech network without prior authorization from Network Services:

  1. Unauthorized Infrastructure: Routers, Wireless Access Points (APs), and Range Extenders (Restricted Network Hardware)
  2. Unmanaged Switches: Devices used to "split" a wall port into multiple connections (Restricted Network Hardware).
  3. Network Services: Any device running unauthorized Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Spanning Tree Protocol (STP), proxy, or any other competing network services or protocols.
  4. Internet of Things (IoT): Smart bulbs, voice assistants (Alexa/Google Home), wireless printers, and streaming sticks (Roku/Chromecast) are not recommended in the residential buildings due to interference and security vulnerabilities. In academic buildings, please contact the IT Helpdesk for approval.
  5. Research Specific Hardware: High-risk hardware that cannot be patched/upgraded is prohibited from connecting to the Montana Tech Network.

Security Requirements

All managed systems on the Montana Tech network must meet these standards:

  • Identity: All activity must be tied to a unique User ID. Shared accounts are not permitted unless approved by Information Technology.
  • Addressing: Devices must use IT-assigned DHCP. Static IPs must be configured by Information Technology.

All unmanaged systems on the Montana Tech network must meet these standards:

  • Addressing: Devices must use IT-assigned DHCP.
  • Maintenance: Owners of unmanaged systems are responsible for the integrity of their devices. IT reserves the right to scan for vulnerabilities.

Enforcement & Compliance

Port Security

The IT Department utilizes active monitoring to protect the network:

  • Automatic Disconnection: If a prohibited device (Router, Switch, etc.) is detected, the port will be disabled immediately.
  • Quarantine: Devices exhibiting signs of infection or malicious traffic will be isolated without notice.

Restoration of Service

To restore access after a violation:

  1. Remove the offending hardware or device.
  2. Contact the Montana Tech IT Help Desk.

Repeat violations may lead to permanent loss of wired privileges or disciplinary action.

Contact Information

Questions or security incident reports should be directed to the Montana Tech IT Department.

 

Internal control considerations, if applicable:

Changes to procedures will be shared by the CIO or designee at the next Cabinet meeting so that the campus community can be notified as needed. 
 

 

Details

Details

Article ID: 171469
Created
Mon 4/27/26 1:10 PM
Modified
Wed 4/29/26 3:11 PM
Last review date
04/27/2026
Next review date
04/27/2027