University Policies

Page tree

Versions Compared

Old Version 2

changes.mady.by.user Raghu, Rachana

Saved on

compared with

New Version Current

changes.mady.by.user O'Neill, Erin E.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

ROWAN UNIVERSITY POLICY

 


Title: Remote Access Policy
Subject: Information

...

Security                                                     

...


Policy No: ISO:2013:

...

15                                                             

...

  
Applies: University-Wide
Issuing Authority:

...

Senior Vice President for Information Resources and Technology and Chief Information

...

Officer
Responsible Officer: 

...

Director of Information Security
Adopted: 07/01/2013
Amended: 06/01/2014
Last Revision:

...

7/

...

2/

...

2018

I. PURPOSE

A. Rowan University provides secure remote access technologies that enable authorized users to remotely access the university network and its internal resources.

...

Under the direction of the President, the Chief Information Officer and the Chief Director of Information Security Officer shall implement and ensure compliance with this policy.

...

  1. All new or current employees, faculty and staff that require remote access as a function of their job must have their supervising manager or director send an email to the university Helpdesk (support@rowan.edu) requesting access.
  2. All contractors and vendors that require remote access as part of their job requirements with the university must fill out and sign the university remote access request form and Non-Disclosure Agreement (NDR). Each request will be reviewed and approved by the ISO and IRT management.
  3. Any exceptions to the authorization process or access model must be reviewed and approved by the Chief Director of Information Security Officer and Director of Networks & System Services.

...

  1. Non-University owned devices cannot be used to store (save) data on any devices used for remote access. (Refer to university Data Governance Policy for full details on data types and appropriate usage.)
  2. Remote access to internal university applications and networks is currently limited to Citrix technologies, authorized VPN technologies and Internet Web Access technologies. 
  3. Remote access users must not share their login credentials and should take all reasonable efforts to avert accidental disclosure.
  4. In order to connect to remote access technologies from off campus a high-speed internet connection is recommended (i.e. cable modem, DSL, FIOS).
  5. Faculty, Staff and affiliates with remote access privileges must ensure that their University owned or personal computer or workstation, which is remotely connected to the university network, is not connected to any other external network at the same time.
  6. Affiliates that require a permanent remote access connection must be approved by the Chief Director of Information Security Officer and Director of Networks & System Services, and must be configured to use VPN tunneling.

...

A. Violation of this policy may result in disciplinary action up to and including termination for employees and temporaries; a termination of employment relations in the case of contractors or consultants; dismissal for interns and volunteers.

 


By Direction of the CIO:

   Image Removed                                                                        

__________________________________

Mira Lalovic-Hand,
VP SVP and Chief Information Officer