Date of Original Implementation: October 2011
Date of Last Revision: October 2011
Background for this Policy
Access to key information systems and services resident on the Cambridge College network from the public Internet is a requirement for a significant portion of the Cambridge College community. In the past, the College relied on a Virtual Private Network (VPN) to connect remote users directly to the College network. With overhead and support for this type of technology solution running in the multiple thousands per year the College has sought out alternative solutions for this basic service.
While the College has not set a date to discontinue the VPN service it has established a service using LogMeIn’s remote access “cloud based” solution to provide employees a way to access their secure desktops to perform most basic desktop functions.
The intent of this policy is to identify remote access methods and procedures that will insure a high level of security for Cambridge College IT physical assets and data. These include network infrastructure, College servers, College workstations, Financial data, HR data, student information, other forms of personal information and other information necessary to support the academic mission and business functions of the College. The policy will define standard approved remote access methods for connecting to Cambridge College network resources by any/all authorized users. It will establish guidelines for managing and protecting information resources and services on the College LAN and enable the use of hardware, software and procedures for implementing the policy.
The policy's guiding philosophy is to keep Cambridge College information within the Cambridge College internal network. As such, this policy is designed to enable users' full remote access to authorized resources that are necessary to perform their jobs while minimizing the exposure of College IT resources to external threats. For example, copying or moving files that contain protected Cambridge College information from a system on the College Local Area Network (LAN) to a remote workstation is prohibited. All policy decisions not explicitly outlined in the policy will be based on this philosophy.
This policy does not identify approved users or their authorization. It only identifies the method of access and authentication and defines the process for requesting access. Access privileges are granted by the Data Custodians, Principal Administrator, or Managers of a Business unit or application owners responsible for the information being accessed.
In order to provide a faster lighter weight method to gaining secure access to the College’s business systems and services the IT department supports LogMeIn. LogMeIn is an authenticated “Cloud” based remote access service. The service is maintained and administered by the IT department and is available in two versions. One version provides full access to a user’s desktop and allows the user the same control over services that they would have while seated at their work desk. There is no cost to the College for this version and therefore we will encourage users who need to use a remote access solution to adopt this version. The second version is similar to the free version with the additional capability of transferring files bi-directionally between the remote computer and the user’s work desktop. This expanded version is only available on an as needed basis. Both versions require supervisor approval.
POLICY APPLIES TO:
This policy applies to all, faculty, and staff of Cambridge College who require remote access to the College network while away from their office. These users are responsible for reading, understanding, and complying with this policy.
Individuals Responsible for Revision and Implementation: Vice President for Finance and Administration and Director of Information Technology