Re: Remote Access Policies

[Gary Dobbins <dobbins () ND EDU>]

Todd,

I can't speak for how prevalent is this model, but in our case the VPN is positioned mainly as a way of getting "on" 
the campus LAN, and not a form of access in and of itself.  Access to information is governed by the systems and 
applications, not the VPN.  Therefore, our VPN is just a location-shifter (makes you "local" so non-public-serving 
systems don't need to trust the whole world) and thus its use is covered by the same overarching Responsible Use Policy 
that covers activity when physically using the campus net.


> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Todd Bossaller
> Sent: Monday, July 14, 2008 7:59 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Remote Access Policies
>
> Does anyone have any policies or rules they would be willing to share for remote
> access (VPN) to their instituion?  Are there any legal policies/procedures I should
> be aware of?
>
> Thank you,
>
> Todd Bossaller
> Systems Administrator
> Missouri Valley College
> 500 E College St
> Marshall, MO 65340
> 660.831.4088
> bossallert () moval edu<mailto:bossallert () moval edu>
> This document may contain confidential information and is intended solely for the
> use of the addressee. If you received it in error, please contact the sender at
> once and destroy the document. The document may contain information subject
> to restrictions of the Family Educational Rights and Privacy and the Gramm-Leach-
> Bliley Acts. Such information may not be disclosed or used in any fashion outside
> the scope of the service for which you are receiving the information