Policy Name: Remote Network Access Policy
Policy ID Number: 03-05-020
Version Effective Date: June, 2010
Last Reviewed on: January 1, 2019
Policy Applies To: University wide
Responsible Office: Information Technology
INTRODUCTION AND STATEMENT OF PURPOSE
Remote network access is provided for those faculty and staff who find themselves doing university business from a remote location, such as home or when traveling. Remote access to the NJCU data network is also provided to consultants and contractors as needed. While the connection is as secure as possible, remote access is inherently a security risk. Consequently, policy and procedures are required to minimize this risk.
NJCU provides remote network access so that authorized personnel have access to network services from off campus. The policy, procedures, and guidelines provided in this document were developed to minimize risk associated with this activity. It is, therefore, very important that members of the university and contracted workers who are granted remote access privileges follow these regulations.
Remote network access involves setting up a virtual private network (VPN) connection between the remote computer using VPN client software and a special gateway router that allows access to the university network over the Internet. This requires a high-speed connection to the Internet via an Internet Service Provider. Access is granted to users by login, using an account name and password combination. When actively connected to the NJCU network, all traffic to and from the remotely attached PC is through the VPN tunnel, including Internet browsing.
VPN client software provides an encrypted connection between an individual and a private network, so activity over this connection is secure and private. By utilizing the public Internet for data transport, VPN provides a low cost solution to remote access or connectivity. In effect, this allows members of the University community to access NJCU network recourses as if they were on campus.
Administrators, IT staff, faculty and authorized contractors are permitted remote network access through VPN client software with the approval of the requester’s supervisor and/or the head of the Department of Information Technology (IT) or by contractual agreement. VPN is a "user managed" service. This means that the user is responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying associated connection fees.
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. Consultants and contractors will be subject to legal action up to and including the payment of fines and penalties that may be incurred, and immediate termination of all contractual agreements.
Key Performance Indicators (KPIs)
The following success of the policy will be assessed annually using the following quantifiable measures:
Consultants and Contractors
Intention of use must be included with bid submissions and in final contracts.
The minimum hardware/software requirements for connectivity are:
DATE TO INITIATE REVIEW AND UPDATE
As deemed necessary or appropriate by the Policy Coordinator but at a minimum, at least every 5 years from the date of last review.