Re: Remote Access Policies

[Charlie Prothero <Charlie.Prothero () KEYSTONE EDU>]

Hi, Todd.  Because of the many security risks associated with VPN, we
replaced it with MS terminal servers as our primary remote access
vehicle.  The terminal servers' RDP ports are published out through our
firewall, and will only accept encrypted connections.  This approach is
also much easier to support than VPN.

We do still have VPN, but only people who need access to specific
machines (i.e. IT staff, faculty/admin staff with specialized software,
etc) get it.  

- Charlie

Charlie Prothero
CIO
Keystone College

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Todd Bossaller
Sent: Monday, July 14, 2008 7:59 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Remote Access Policies

Does anyone have any policies or rules they would be willing to share
for remote access (VPN) to their instituion?  Are there any legal
policies/procedures I should be aware of?

Thank you,

Todd Bossaller
Systems Administrator
Missouri Valley College
500 E College St
Marshall, MO 65340
660.831.4088
bossallert () moval edu<mailto:bossallert () moval edu>
This document may contain confidential information and is intended
solely for the use of the addressee. If you received it in error, please
contact the sender at once and destroy the document. The document may
contain information subject to restrictions of the Family Educational
Rights and Privacy and the Gramm-Leach-Bliley Acts. Such information may
not be disclosed or used in any fashion outside the scope of the service
for which you are receiving the information