11 Network Security

11-1 Policy

The Postal Service network infrastructure must be protected at a level commensurate with its value to the Postal Service. Such protection must include the implementation of the physical, administrative, and technical security controls and processes that safeguard the confidentiality, availability, and integrity of the network and the data in transit in accordance with Postal Service policies and procedures.

Network controls and processes are necessary to do the following:

  1. Safeguard data traffic.
  2. Detect and prevent unauthorized access.
  3. Respond to computer security incidents.
  4. Detect and correct transmission line errors.
  5. Ensure message integrity throughout the system.
  6. Provide network and data security.
  7. Ensure that recovery procedures are in place and working.
  8. Specify the appropriate auditing procedures.

This policy applies to all information resources, technologies, services, and communications that are part of the Postal Service network, including the following:

  1. All transmission technologies used on behalf of the Postal Service in Postal Service or non-Postal Service facilities [(e.g., local area networks (LANs); wide area networks (WANs); voice communications; videoconferencing systems; voice messaging systems; desktop video communications; satellite broadcasts; facsimile transmission; and all other transmissions over landline, wireless, or Internet-based networks].
  2. All types of information and network services, data, voice, image, and multimedia communications, regardless of transmission technology.

The Postal Service prohibits the attachment of any nonapproved network device, to include routers, switches, repeaters, wireless access-points, and firewalls to any point of the network. Direct questions about whether a network device is approved to the NCRB via e-mail to ncrb@usps.gov. The Postal Service removes or disables nonapproved network devices added to the network infrastructure.