Â鶹´«Ã½

Policy 13 - Remote Access Policy

1.0 Purpose

The purpose of this policy is to provide guidelines for remote access connections to the Â鶹´«Ã½ State University network. Any questions or comments about this policy should be directed to Information Systems.

2.0 Scope

This policy applies to students, faculty, staff or individuals external to Â鶹´«Ã½ that utilize remote access connections to the Â鶹´«Ã½ internal network.

3.0 Policy

Approved Â鶹´«Ã½ State University employees and authorized third parties (customers, vendors, etc.) may use Â鶹´«Ã½ State University's VPN or other approved remote access tools, which is a "user managed" service. This means that the user is responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software and paying associated fees.

Users must also abide by the following general guidelines, as well as the VPN Standards.

  • It is the responsibility of employees with VPN or remote access privileges to ensure that unauthorized users are not allowed access to Â鶹´«Ã½ State University internal networks.
  • VPN gateways and remote access technology will be set up and managed by Â鶹´«Ã½ State University Information Systems staff.
  • Users of computers that are not Â鶹´«Ã½ State University-owned equipment must configure the equipment to comply with Â鶹´«Ã½ State University’s Remote Access and Network policies.
  • Only Information Systems-approved VPN clients and remote access software may be used.
  • All remote access to the Â鶹´«Ã½ State University network must utilize multi-factor authentication unless otherwise authorized by Information Systems.

4.0 Enforcement

Anyone found to have violated this policy may be subject to disciplinary action according to personnel policies and procedures. A violation of this policy by a temporary worker, contractor or vendor may result in the termination of their contract or assignment with Â鶹´«Ã½ State University.

5.0 Definitions

Multi-factor Authentication (MFA)

A multi-step account login process that requires users to enter more information than just a password. For example, along with the password, users might be asked to enter a code sent to their email, answer a secret question, etc. MFA always includes at least two different factors containing something you know (password), something you have (phone), something you are (biometrics).



Policy adopted:  02-25-2011
Revision adopted:  08-21-2024
Policy approval and adoption: Â鶹´«Ã½ State University President's Office and Information Systems Security

Take the next step

© Â鶹´«Ã½ State University Department of Web ManagementWe are Racers.