Remote Access Rule

Remote Network Access Security Rule

 

Purpose:

Dixie State College IT Services provides remote network access using an enterprise SSL Virtual Private Network (VPN) service. This service is intended to meet the need for access to on-campus IT resources from remote locations for students, faculty, staff, and other campus affiliates.
Uncontrolled, decentralized remote network access to the DSC network presents significant risks to the security and stability of the College network and to sensitive internal College data and personal confidential data stored on College systems. Non-standard remote access systems may bypass safeguards and controls designed to protect the College network and data stored on College IT resources. In addition, remote access services provided by third-parties are not subject to College policies, have no obligation to protect College data, and may not provide audit capabilities to College IT staff and Data Stewards.

Parent Policy:

Dixie State College Information Technology Security Policy 6-50

Rule:

I. The College VPN provides secure remote access by default to public College IT resources including, but not limited to:

• www.dixie.edu and other College Websites

• Employee Email

• Banner Self-Service System

• Learning Management Systems

Many of the above services are publicly available regardless of College VPN use. However, the College VPN provides a secure network path to access these services and its use is encouraged in circumstances such as Wi-Fi hotspots in airports, hotels, and coffee shops or any other situations where the remote network’s security or trustworthiness is unknown or suspect.

II. The College VPN is also intended to provide remote access to systems and services that are not publicly available, including terminal or desktop access to office computers. Access to internal IT resources must be arranged through IT Services. Users requesting College VPN remote access directly to the College Banner INB system, terminal or desktop access to office computers to facilitate access to the Banner INB system, or remote access to other systems containing confidential personal information must receive authorization from their Data Steward or supervisor before IT Services will provision this access.

III. Use of the College VPN extends the College network beyond the physical boundaries of the College. Users of the College VPN are responsible for ensuring that any device, whether College- or personally-owned, used for College VPN remote access complies with College IT security and usage policies and rules.

IV. Students, faculty, staff, and other affiliates must use the College VPN service provided by IT Services to remotely access internal College IT resources, and may not use non-standard remote access systems or services unless the following conditions are met:

a. The remote access system or service is the subject of academic instruction, or,

b. The non-standard remote access system or service is required to perform a function in the course of College business that cannot be met using the              College VPN service, or,

c. The non-standard remote access system or service is required for a vendor or service provider to provide support for a system or product used by                the College, and the non-standard remote access system or service provides access only to the affected system or product.

d. The Data Steward(s) with responsibility over the user, department, and/or IT resource has approved the use of the non-standard remote access                   system or service.

Upon discovery of unauthorized non-standard remote access system or service on the College network, College IT staff may, at their discretion, block the non-standard remote access system or service until the involved user(s) has met the above conditions.
Information Technology Governance Committee Approval: 1/19/2011
College Council Approval: Pending