
Remote Access to Network and Computing Resources

Purpose:

The purpose of this policy is to define the requirements for, and responsibilities of, remote access to Worcester State College network and computer services.

Statement:

Users must protect the confidentiality and integrity of any data that is accessed remotely. This includes, but is not limited to, ensuring that any Worcester State data is either erased from the remote device or protected appropriately, based on the sensitivity of the information. A remote device is defined as a laptop or desktop computer, palmtop device, or personal digital assistant device used to access remote access services.

Description:

  • Any dial-in access to Worcester State’s resources must be limited to authorized entry points. The telephone numbers used for dial-in must not use the same exchange as Worcester State’s published numbers. Modems on desktops, laptops, and servers are not authorized entry points.
  • All inbound connections to the Worcester State enterprise network and/or multi-user computer systems connected to the Worcester State enterprise network must pass through an access control system such as a firewall, modem pool, telecommunications front-end, or similar system prior to being permitted to reach a log-in prompt.
  • Users remotely accessing the Worcester State network must be authenticated using strong authentication mechanisms,
  • Users are responsible for maintaining the confidentiality of IDs, passwords, token cards, and corresponding PIN codes that are given or assigned in conjunction with the remote access service.
  • Only Worcester State approved remote devices may be used to access remote access services. Any device used to access remote access services must conform to all Worcester State policies including, but not limited to, Worcester State policies noted above. The use of personal or non-Worcester State issued remote devices requires the approval of local Worcester State management and an agreement with the User that the device will be maintained in accordance with all Worcester State policies.
  • All Worcester State owned remote access software and hardware must be returned upon a User’s end of employment or elimination of the need for remote access.
  • Users who are not Worcester State employees must coordinate with the Data Security Officer for access.
  • Users should disconnect from the remote access connection when not actively using it. Users must be disconnected after sixty (60) minutes of idle time. Users must not use any automatic method to avoid the inactivity disconnect.

Additional Information:

  • Users are accountable for any harm resulting from disclosure of any password/access codes or the loss of any token or smart card. Any breach or potential breach, disclosure of a password or PIN code, or loss of a token card must be immediately communicated to the Data Security Officer.
  • Users must ensure that precautions are taken to protect Worcester State networking and computing resources when uploading software, files, and data from the remote device to the Worcester State enterprise network. Users have the responsibility of ensuring that all software, files, and data entering Worcester State’s computing environment are properly scanned for all potential contaminants including, but not limited to, viruses, malicious programs, malicious applets, and “Trojan Horse” functionality.
  • Worcester State reserves the right to monitor the content and traffic patterns and/or electronically screen networking and computing resources, including activity and traffic originating remotely. 
  • Access for diagnostic purposes from vendors or system administration personnel that provides direct access (i.e., bypasses required access control points) must be provided only as needed and used only when the enterprise remote access service is unavailable or does not meet the requirements for diagnostic access. Such access may be enabled only for the duration of the required diagnostic or maintenance activity and must be disabled immediately upon its completion by physically unplugging cables and/or turning off equipment.

Approved By: Don Vescio

Date of Origination: 5/9/2008

Last modified at 7/2/2009 7:18 PM by Vescio, Donald