Educause Security Discussion mailing list archives

Re: Remote Access Policies

From: Matthew Gracie <graciem () CANISIUS EDU>
Date: Tue, 15 Jul 2008 11:30:30 -0400

Todd Bossaller wrote:

Does anyone have any policies or rules they would be willing to share
for remote access (VPN) to their instituion?  Are there any legal
policies/procedures I should be aware of?


A big one for us when we started formalizing security policies was
forbidding connection to the VPN from personally-owned computers. I
didn't feel that the College had any right to enforce proper security
policies on computers that we don't own, so now users who wish to use
the VPN to work at home have to request a laptop from their department.

It seems like a minor point, but it's astonishing how malware-infested
the home computer of the average PhD is these days.

--Matt

--
Matt Gracie                         (716) 888-8378
Information Security Administrator  graciem () canisius edu
Canisius College ITS                Buffalo, NY
http://www2.canisius.edu/~graciem/graciem_public_key.gpg

Current thread:

Remote Access Policies Todd Bossaller (Jul 14)
- <Possible follow-ups>
- Re: Remote Access Policies Gary Dobbins (Jul 14)
- Re: Remote Access Policies Charlie Prothero (Jul 14)
- Re: Remote Access Policies Bill Terry (Jul 14)
- Re: Remote Access Policies Matthew Gracie (Jul 15)
- Re: Remote Access Policies Kim Z. Dale (Jul 15)
- Re: Remote Access Policies Di Fabio, Andrea (Jul 15)
- Re: Remote Access Policies Philip Webster (Jul 15)