Remote-access Guide

remote access policy university

by Miss Kristy Bogisich Jr. Published 2 years ago Updated 2 years ago
image

Purpose

The purpose of this policy is to define how the University of Florida controls Remote Access to university information systems and networks in order to prevent unauthorized use.

Scope

This policy applies to all methods the university implements to allow remote access to its services, information systems and networks

Policy

All methods the university provides to offer remote access to services and information systems must be assessed for security, approved, documented and controlled. The university will permit external network access only to approved remote access end points.

Responsibilities

All members of the University of Florida Constituency are responsible for protecting remote access methods, devices and credentials assigned to them. Users are responsible for maintaining the security of computers and devices used to remotely access university resources.

Purpose

The purpose of this policy is to define rules and requirements for connecting to McNeese State University’s network from any host. These rules and requirements are designed to minimize the potential exposure to McNeese State University from damages which may result from unauthorized use of McNeese State University resources.

Scope

This policy applies to all McNeese State University employees, contractors, vendors, and agents with a McNeese State University-owned or personally owned computer or workstation used to connect to the McNeese State University network.

Policy

It is the responsibility of McNeese State University employees, contractors, vendors, and agents with remote access privileges to McNeese State University’s network to ensure that their remote access connection is given the same consideration as the user’s on-site connection to McNeese State University.

Requirements

Secure remote access must be strictly controlled with encryption (i.e., virtual private networks, or VPNs) and strong passphrases.

Policy Compliance

The Office of Information Technology will verify compliance to this policy through various methods, including but not limited to, periodic walk-throughs, video monitoring, business tool reports, internal and external audits, and inspection.

Communication

This policy is distributed via Senior Staff and the University Policies webpage.

What is remote access?

A. Remote access is provided for university related activity only. All devices that are used to connect to the university network through an approved remote access technology are considered to be extensions of the university network and are subject to all applicable university policies, standards and rules.

What happens if you violate the disciplinary policy?

Violation of this policy may result in disciplinary action up to and including termination for employees and temporaries; a termination of employment relations in the case of contractors or consultants; dismissal for interns and volunteers.

Does Rowan University have a remote access policy?

This policy applies to remote access connections used to do work on behalf Rowan University or for personal business, including reading or sending email and viewing intranet web resources.

What is Logmein for college?

LogMeIn is an authenticated “Cloud” based remote access service. The service is maintained and administered by the IT department and is available in two versions. One version provides full access to a user’s desktop and allows the user the same control over services that they would have while seated at their work desk. There is no cost to the College for this version and therefore we will encourage users who need to use a remote access solution to adopt this version. The second version is similar to the free version with the additional capability of transferring files bi-directionally between the remote computer and the user’s work desktop. This expanded version is only available on an as needed basis. Both versions require supervisor approval.

Does Cambridge College have a VPN?

In the past, the College relied on a Virtual Private Network (VPN) to connect remote users directly to the College network. With overhead and support for this type of technology solution running in the multiple thousands per year the College has sought out alternative solutions for this basic service.

Purpose

The purpose of this policy is to define standards for minimizing security risks that may result from unauthorized remote access to the University’s IT Resources.

Scope

This IT policy, and all policies referenced herein, shall apply to all members of the University community, including faculty, students, administrative officials, staff, alumni, authorized guests, delegates, and independent contractors (the “User (s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked..

Policy Statement

Users must only use remote access for approved business or academic support.

Definitions

Desktop, for this policy, includes but is not limited to laptops, notebooks, or any “personal computer” that can be accessed remotely.

Policy Disclaimer Statement

Deviations from policies, procedures, or guidelines published and approved by Information Security and Assurance (ISA) may only be done cooperatively between ISA and the requesting entity with sufficient time to allow for appropriate risk analysis, documentation, and possible presentation to authorized University representatives.

image

Policy Statement

  • The purpose of this policy is to define how the University of Florida controls Remote Accessto university information systems and networks in order to prevent unauthorized use.
See more on it.ufl.edu

Applicability

  • This policy applies to all methods the university implements to allow remote access to its services, information systems and networks
See more on it.ufl.edu

Definitions

  • Information System:An individual or collection of computing and networking equipment and software used to perform a discrete business function. Examples include the eLearning System, ISIS, the EPIC electronic medical records system, a lab system and associated PC or the set of desktop computers used to perform general duties in a department. Remote Access:Methods all…
See more on it.ufl.edu

Policy Specifics

  1. All methods the university provides to offer remote access to services and information systems must be assessed for security, approved, documented and controlled. The university will permit externa...
  2. Remote access methods must employ appropriate security technologies to secure the session, as well as prevent unauthorized.
See more on it.ufl.edu

Review and Adjudication

  1. All members of the University of Florida Constituency are responsible for protecting remote access methods, devices and credentials assigned to them. Users are responsible for maintaining the secur...
  2. Information Security Managers (ISMs) are responsible for documenting and implementing controls for all remote access methods implemented within their unit. ISMs are also responsi…
  1. All members of the University of Florida Constituency are responsible for protecting remote access methods, devices and credentials assigned to them. Users are responsible for maintaining the secur...
  2. Information Security Managers (ISMs) are responsible for documenting and implementing controls for all remote access methods implemented within their unit. ISMs are also responsible for monitoring...
  3. The Vice President and Chief Information Officer (CIO) is responsible for approval of remote access methods and resources.
  4. The Vice President and Chief Information Officer (CIO) is responsible for implementing systems and specifications to facilitate unit compliance with this policy.

Policy Violations

  • Failure to comply with this policy could result in disciplinary action for employees, up to and including termination. Volunteers may have their volunteer status terminated.
See more on it.ufl.edu

I. Purpose

II. Accountability

III. Applicability

IV. Definitions

  1. Secure remote access must be strictly controlled with encryption (i.e., virtual private networks, or VPNs) and strong passphrases.
  2. Authorized users shall protect their login and password, even from family members.
  3. While using a McNeese State University-owned computer to remotely connect to McNeese State University’s institutional network, authorized users shall ensure the remote host is not c…
  1. Secure remote access must be strictly controlled with encryption (i.e., virtual private networks, or VPNs) and strong passphrases.
  2. Authorized users shall protect their login and password, even from family members.
  3. While using a McNeese State University-owned computer to remotely connect to McNeese State University’s institutional network, authorized users shall ensure the remote host is not connected to any...
  4. Use of external resources to conduct McNeese State University business must be approved in advance by the Office of Information Technology.

VI. Policy

VII. Non-Compliance and Sanctions

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9