The purpose of this policy is to provide guidelines for obtaining remote access to information technology devices on the Mississippi College (MC) network via Virtual Private Network (VPN) connections.
The scope of this policy includes equipment owned by MC and equipment owned by MC employees, contractors, consultants, temporaries, and other workers utilizing remote access to and from the MC network through VPN.
Approved MC employees, contractors or other workers who accept all remote access user responsibilities and requirements may utilize the benefits of remote access to the MC network.
- A VPN Request Form must be completed by the requestor, approved by the appropriate department authority and submitted to the Chief Information Officer.
- Remote access to the MC network must be authorized by the Chief Information Officer of MC or a designee.
- The VPN user is responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying associated fees. The VPN user will be subject to the conditions and performance constraints of their chosen ISP. MC is not responsible for ISP conditions and constraints.
- Remote access to the MC network is a privilege. The privilege is not perpetual and is subject to review, modification and re-approval at any time.
- VPN users are responsible for all activities of the VPN user while connected to the MC network and for maintaining the confidentiality of account passwords.
- VPN users are responsible for restricting access to stations used for VPN access while connected to the College’s network and for ensuring that other users are not allowed access to the remotely connected stations.
- When actively connected to the MC network over the VPN, users accept that the remote station becomes an extension of the MC network and, as such, is subject to the same usage rules that apply to MC-owned equipment. All computer usage while connected is subject to the Acceptable Use Policy and the Information Security Policy.
- VPN Users are responsible for ensuring that the remote station is secure and meets the operational configuration required for secure VPN connections. This may include specific operating systems versions or updates, specialized software applications (ex: antivirus, antispyware, and firewall software), and specific operational settings as communicated by the MC Computer Services staff.
- Users must log out when access to MC networks is not being actively used. VPN users may be automatically disconnected from the MC network after a time period of inactivity. The user must then logon again to reconnect to the network.
Enforcement and Consequences
- Violation of this policy may result in the revocation of access to MC network.
- MC system administrators may temporarily suspend access privileges if necessary to maintain the integrity of network resources.
Approved by the Information Technology Committee, October 13, 2016