VPN Policy

Approved by the President
10/27/2009

Latest Revision
7/12/2022

Policy Contact
IT Security Administrator
607-436-3203
itsecurity@oneonta.edu

Policy Statement

The purpose of this policy is to provide guidelines for VPN access to the SUNY Oneonta network.

Rationale:

The VPN provides secure access to the most sensitive resources on the SUNY Oneonta network. It is necessary to ensure that users understand the requirements and responsibilities of VPN access.

Applicability of the Policy

This policy applies to all SUNY Oneonta employees and authorized third parties (vendors) that access the SUNY Oneonta network through our VPN.

Policy Elaboration

The VPN allows users at remote locations to access services and applications available only on the SUNY Oneonta network. By accessing the campus network through a VPN, the user bypasses security measures designed to protect the network from viruses, hackers and other threats on the Internet. Therefore, users who require a VPN must accept the responsibility of assuring that the computer they will use is secure.

Definitions

VPN– A Virtual Private Network establishes a secure connection between two trusted locations (your computer and the SUNY Oneonta network) via an insecure, public network (the Internet).

Procedures

Anyone wishing to gain VPN privileges must signify compliance with this policy by completing the VPN User Agreement form. The agreement will then be reviewed by the department of IT security, who will grant or deny access and notify the user.

Security

An administrator who will grant or deny access and notify the user.

Hardware & Software Requirements

  1. Your computer must be clean of malware and have approved up-to-date antivirus software installed.
  2. Your computer must be up-to-date on all critical security patches.
  3. Your computer must have a personal firewall enabled except where alternate security measures have been approved by the IT Security Administrator.
  4. You must use a VPN client approved by the IT Security Administrator and set up in accordance with this policy.
  5. The VPN should be connected from a broadband Internet connection. It will not operate satisfactorily otherwise.
  6. Theft or loss of any computer with a VPN client configured on it must be reported immediately to the IT Security Administrator.

Appropriate Use

  1. The VPN may be used only for official, SUNY Oneonta-related work. You must disconnect the VPN before attempting any non-SUNY Oneonta related activities from your computer.
  2. It is the responsibility of employees with VPN privileges to ensure that unauthorized users are not allowed access to the SUNY Oneonta internal network.
  3. Use of the VPN signifies your acceptance of and compliance with all other related SUNY Oneonta policies. These policies can be found here.
  4. Split tunneling is NOT permitted. That is, you may not use any other connection to any other network while the VPN is connected. All network traffic must pass through the VPN.
  5. VPN users will be permitted one active VPN connection.
  6. VPN users will be automatically disconnected from the SUNY Oneonta network after 30 minutes of inactivity or a total connection time of 8 hours. The user must then log on again to reconnect to the network. Pings or other artificial network processes are not to be used to keep the connection open.
  7. Access to the VPN can be revoked at any time for failure to abide by the VPN User Agreement.
  8. VPN usage will be reviewed annually. Employees and other authorized users that have not accessed the VPN in the past 12 months will have their access revoked, and may regain access by completing another VPN User Agreement form.

Forms

VPN User Agreement

Related Documents/Policies

SUNY Oneonta Information Technology Program

Confidentiality Policy

Effective Dates

Approved by President: October 27, 2009

Latest Revision: July 12, 2022

Back to top