Remote Access and Virtual Private Network (VPN) Security 政策
政策的名字: Remote Access and Virtual Private Network (VPN) Security
保单号码: IT- 6003
有效: 2021/05
修改后: 不适用
政策声明
政策
Approved 十大网络彩票平台大全 employees and authorized third parties (承包商, 供应商, etc.) may utilize the benefits of VPNs for remote access to the services on the internal Holy Family network.
过程:
- Remote access must be requested by opening a 帮助台 request. Required approvals include the requestor’s vice president and the VP of 信息技术. Remote access consideration is intended for job functions that require remote access to the internal network.
- Remote access to the Holy Family Network is for the sole use of the individual only. The individual bears responsibility for the consequences should the access be misused.
- VPN Access will be set up and managed by 十大网络彩票平台大全 network operational groups.
- Remote access is implemented and controlled through an IPSec Concentrator. Only one VPN network connection is allowed at a time. Remote connections and VPN users will be automatically disconnected from 十大网络彩票平台大全's network after 30 minutes of inactivity (idle timeout) and a maximum connection time of 10 hours. The user must then log on again to reconnect to the network. Pings or other artificial network processes are not to be used to circumvent these limits to keep the connection open.
- Please review the following policies for details of protecting information when accessing the university network via remote access methods, and acceptable use of 十大网络彩票平台大全's network:
要求:
- Holy Family Employees must use a Holy Family-owned and managed laptop or desktop to access the network by VPN. 员工个人设备不允许使用.
- Only IT-approved VPN client software may be used.
- Secure remote access and VPN use must be strictly controlled. Control will be enforced via password authentication, 令牌设备, or public/private keys with strong passphrases.
- The user is responsible for selecting their personal Internet Service Provider (ISP), 协调安装, 安装所需软件, 并支付相关费用.
- It is the responsibility of employees with VPN privileges to ensure that unauthorized users are not allowed access to 十大网络彩票平台大全 internal networks. At no time should any 十大网络彩票平台大全 employee, 承包商, 供应商, or agent provide their login or email password to anyone, 即使是家庭成员也不行.
- It is the responsibility of 十大网络彩票平台大全 employees, 承包商, 供应商, and agents with remote access privileges to 十大网络彩票平台大全's network to ensure that their remote access connection is given the same security consideration as the user's on-site connection to 十大网络彩票平台大全 and uphold the same security and privacy requirements for FERPA and HIPAA when working remotely.
- 十大网络彩票平台大全 employees and 承包商 with remote access privileges must ensure that their computer or workstation, which is remotely connected to 十大网络彩票平台大全's network, is not connected to any other network at the same time, with the exception of a personal/private network that is under the complete control of the user. For example, the user does not control the Starbucks wireless network.
- All computers connected to 十大网络彩票平台大全 internal networks via VPN must include security software to detect and protect against viruses.
- Reconfiguration of a remote user's equipment for the purpose of split-tunneling or dual-homing is not permitted at any time
- Vendors using VPN connectivity with 供应商-owned equipment must understand that their machines are a de facto extension of 十大网络彩票平台大全's network, and as such are subject to the same rules and regulations that apply to 十大网络彩票平台大全-owned equipment, i.e., their machines must be configured to comply with HFU IT’s Security Policies.
- Contractor or 供应商 performing work on Holy Family’s behalf must certify that their equipment meets the security and network requirements of 十大网络彩票平台大全, and must be approved by the Vice President of IT.
- Organizations or individuals who wish to implement non-standard hardware and security configurations for Remote Access to the 十大网络彩票平台大全 production network must obtain prior approval from the Vice President of IT.
定义
VPN—虚拟专用网