1.0 Purpose
The purpose of this procedure is to define standards for connecting to the Southeastern Technical College (STC) network from any host. These standards are designed to minimize the potential exposure to STC from damages which may result from unauthorized use of STC resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical STC internal systems, etc.
2.0 Scope
This procedure applies to all STC employees, students, contractors, vendors and agents with a STC-owned or personally-owned computer or workstation used to connect to the STC network. This procedure applies to remote access connections used to do work on behalf of STC or for STC academic courses, including reading or sending email and viewing Intranet web resources.
Remote access implementations that are covered by this procedure include, but are not limited to Fiber, DSL, VPN, SSH, cable modems, Remote Desktop Access, etc.
3.0 Procedure
3.1 General
1. It is the responsibility of STC employees, students, contractors, vendors and agents with remote access privileges to STC's multi-campus network to ensure that their remote access connection is given the same consideration as the user's on-site connection to STC.
2. General access to the Internet for recreational use by immediate household members through the STC Network on personal computers is not permitted.
3. Please review the following procedures for details of protecting information when accessing the multi-campus network via remote access methods, and acceptable use of STC's network:
a. Computer Use Procedure
b. Email Use Procedure
c. Privacy Notice to Computer Users
4. For additional information regarding STC's remote access connection options, including how to request service and obtain technical support contact the STC Information Technology Department.
3.2 Requirements
1. At no time should any STC employee, student, contractor, vendor or agent with remote access privileges provide their login credentials to anyone, not even family members.
2. Reconfiguration of a home user's equipment for the purpose of split-tunneling or dual homing is not permitted at any time.
3. Non-standard hardware configurations must be approved by the STC Information Technology (IT) Department, and the STC IT Department must approve security configurations for access to hardware.
4. All hosts that are connected to STC internal networks via remote access technologies must use up-to-date anti-virus software, this includes personal computers.
5. Organizations or individuals who wish to implement non-standard Remote Access solutions to the STC production network must obtain prior approval from the Chief Information Officer.
4.0 Enforcement
Abuse or misuse of computing/information technology services may violate this procedure, but it may also violate criminal statutes. Therefore, STC will take appropriate action in response to user abuse or misuse of computing/information technology services. Action may include, but not necessarily limited to, the following:
1. Suspension or revocation of computing privileges. Access to all computing facilities and systems can, may, or will be, denied;
2. Reimbursement to STC for resources consumed;
3. Other legal action including action to recover damages;
4. Referral to law enforcement authorities;
5. Computer users (faculty, staff and/or students) will be referred to the appropriate office for disciplinary action.
5.0 Definitions
|
Term |
Definition |
|
Dual Homing |
Having
concurrent connectivity to more than one network from a computer
or network device. Examples include: Being logged into the
Corporate network via a local Ethernet connection, and dialing
into AOL or other Internet service provider (ISP). Being on a
-provided Remote Access home network, and
connecting to another network, such as a spouse's remote access.
Configuring an ISDN router to dial into and an
ISP, depending on packet destination. |
|
DSL |
Digital
Subscriber Line (DSL) is a form of high-speed Internet access
competing with cable modems. DSL works over standard phone lines
and supports data speeds of over 2 Mbps downstream (to the user)
and slower speeds upstream (to the Internet). |
|
Remote
Access |
Any access
to STC's multi-campus network through a non-STC controlled
network, device, or medium. |
|
Split-tunneling |
Simultaneous
direct access to a non-STC network (such as the Internet, or a
home network) from a remote device (PC, PDA, WAP phone, etc.)
while connected into STC's multi-campus network via a VPN
tunnel. VPN Virtual Private Network (VPN) is a method for
accessing a remote network via "tunneling" through the Internet. |
|
|
|