System Use Notification

Summary

Guidelines to comply with Logon Banner IT standards for APM 30.11.

Body

Overview

A Logon Banner, or System Use Notification, is required on UI systems as part of Standards for APM 30.11 and to meet NIST 800-171 requirements 3.1.9 and 3.2.1. For legal reasons, it is also best practice to have such a notice in place in case future prosecution is needed. The guidelines below comply with IT Standards for this notice.

Policy exceptions for non-interactive logins can be made on a case-by-case basis. Create a ticket in TeamDynamix and assign OIT Security as the responsible party to review the policy exception and make a determination.

For systems that are not used interactively (like digital signage), TSPs can disable the System Use notice without an explicit policy exception.

System Use Notification

Windows

On Microsoft Windows, the System Use notification is implemented through Group Policy for "Interactive Logon: Message text." On UI systems, you may see a message like this when attempting to log on:

This system is property of the University of Idaho. Use of this system may be monitored, recorded, and subject to audit. Unauthorized access is prohibited and subject to criminal and civil penalties. If you are unauthorized, terminate access now. Click OK to indicate your acceptance of this information

 

macOS

On macOS, this is called a policy banner and may be implemented through JAMF for managed systems:

This system is property of the University of Idaho.  Use of this system may be monitored, recorded, and subject to audit.  Unauthorized access is prohibited and subject to criminal and civil penalties.   If you are unauthorized, terminate access now. Click ACCEPT to indicate your acceptance of this information.

 

Linux/Unix

On Linux or Unix systems, this is typically implemented by enabling a "Banner" file in your sshd_config. This will look something like this at attempted logon:

++++++++++++++++++++++++++++++++++++++++++++++++++
This system is property of the University of Idaho. Use of this system may be monitored, recorded, and subject to audit.  Unauthorized access is prohibited and subject to criminal and civil penalties.   If you are unauthorized, terminate access now.
++++++++++++++++++++++++++++++++++++++++++++++++++
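The following shell check is an added example, not part of the original guidance: it reads an sshd_config, finds the Banner value that actually takes effect (sshd uses the first value it obtains for a keyword, and "Banner none" disables the banner), and confirms the banner file carries the four notice sentences shown above. The function names `banner_path` and `check_banner` and the sample files are constructed for illustration; the check assumes the whitespace-separated `Banner <path>` form and looks only at the global section, ignoring Match blocks and Include files.

```shell
#!/bin/sh
# Added example (not from the original page): audit an sshd_config for the notice.
# Assumptions: global section only (stops at the first Match block), whitespace-
# separated "Banner <path>" form, no Include handling.

# Print the effective global Banner value; sshd uses the first value it obtains.
banner_path() {
    awk '/^[ \t]*#/ { next }
         tolower($1) == "match"  { exit }
         tolower($1) == "banner" { print $2; exit }' "$1"
}

# Return 0 only if a banner file is configured and carries the approved sentences.
check_banner() {
    path=$(banner_path "$1")
    case "$path" in
        ""|none) echo "FAIL: no Banner enabled in $1"; return 1 ;;
    esac
    [ -r "$path" ] || { echo "FAIL: cannot read $path"; return 1; }
    # Squeeze tabs/newlines/spaces so line wrapping in the file does not matter.
    text=$(tr -s '\t\n' '  ' < "$path")
    for s in \
        "This system is property of the University of Idaho." \
        "Use of this system may be monitored, recorded, and subject to audit." \
        "Unauthorized access is prohibited and subject to criminal and civil penalties." \
        "If you are unauthorized, terminate access now."
    do
        case "$text" in
            *"$s"*) ;;
            *) echo "FAIL: missing sentence: $s"; return 1 ;;
        esac
    done
    echo "OK: $1 -> $path"
}

# Constructed sample files in a temp directory, so the demo runs offline.
demo=$(mktemp -d)
printf '%s\n' "This system is property of the University of Idaho. Use of this" \
    "system may be monitored, recorded, and subject to audit.  Unauthorized access" \
    "is prohibited and subject to criminal and civil penalties.   If you are" \
    "unauthorized, terminate access now." > "$demo/issue.net"
printf '#Banner none\nbanner %s\nBanner none\n' "$demo/issue.net" > "$demo/good.conf"
printf '# Banner %s\nPort 22\n' "$demo/issue.net" > "$demo/commented.conf"
printf 'Banner none\nBanner %s\n' "$demo/issue.net" > "$demo/shadowed.conf"

for f in good commented shadowed; do check_banner "$demo/$f.conf" || true; done
```

The commented-out and shadowed samples both fail: a `# Banner` line is ignored, and a later `Banner` line cannot override an earlier `Banner none`. The acknowledgement sentence is left out of the check because an SSH banner has no OK button to click.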

Approved Text

The following text has been approved by UI General Counsel for UI systems:

This system is property of the University of Idaho. Use of this system may be monitored, recorded, and subject to audit. Unauthorized access is prohibited and subject to criminal and civil penalties. If you are unauthorized, terminate access now. Click OK to indicate your acceptance of this information

The last sentence of acknowledgement should only be used where the system supports it.

Resources

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on

https://support.apple.com/en-us/HT202277

https://man7.org/linux/man-pages/man5/sshd_config.5.html