10. Security Considerations
Institutions who wish to connect to the Internet should be aware that the Internet network is, by nature, and open network. As such, connecting institutions must make sure that security mechanisms are in force on their own campus network to ensure that unauthorized or inappropriate use of campus resources is not exploited by either the internal campus or by the external Internet community. Moreover, it is incumbent on the institution to ensure that the campus community is aware of the proper use of the Internet. The institution bears the responsibility to educate its users on the appropriate use of campus systems within the context of proper and ethical use of the Internet.
An assessment of security on the campus network prior to connecting to the Internet should ensure that all required security patches are installed on all campus connected systems as well as on the campus network. Systems with sensitive data or information should be physically secure as well as up to date with software security patches. In so far as possible, network addressable devices should be secure. Changes to these devices should only be effected by authorized network management personnel to avoid potential security risks.
For more information on security issues, refer to FYI 8, RFC 1244(-> 2196fyi8), "Site Security Handbook" [1].
In summary, it is only the cooperation and attention of each connecting institution on the Internet to security issues that will ensure the security of the Internet as a whole.