Neosho County Community College - Technology Services

	Search WWW NCCC

	NCCC Home
	Tech Services Home
	IT Policies

Virtual Private Network (VPN) Policy - Rev 1 (Pending Approval)

The purpose of this policy is to define administrative and operational procedures associated with VPN Remote Access Service. This policy applies to all faculty, staff and students and approved network users desiring a VPN connection.

A VPN is a technique used to create a private path from a remote user pc or workstation located on a public network into a private network such as NCCC’s campus data network. It allows, among other things, a method to connect to NCCC network resources (for example, the full Outlook client, NCCC’s e-mail system, and a user’s stored electronic files) as if the user were locally connected to the NCCC network. This allows greater functionality than other remote access techniques such as via a web browser. Use of the NCCC VPN service is a privilege which comes with responsibilities for the department and the user. Users should be aware that routing schemes, network configurations, and security measures can be changed without notice by the NCCC Technology Services department or by the user’s internet service provider and may affect the user’s ability to do certain functions with VPN. The use of the VPN service does not make all transmissions between the user’s PC and the NCCC network secure. Please do not assume the confidentiality of information traveling through the VPN service.

Responsibilities of Technology Services:

	Provide the VPN client software and instructions for installing the VPN client on the user’s computer.
	Technology Services supports the VPN network device, the VPN client, and grants users access to the VPN service.
	Technology Services shall “scan” for unauthorized VPNs and disable access of those devices performing non-sanctioned VPN service.

Responsibilities of Users:

	VPN service is limited to faculty, staff, and adjunct faculty needing secure remote access to resources located on the college's network.
	All users must use the centrally provided VPN and the associated VPN client software.
	All remote systems must have a firewall enabled.
	All remote systems must have properly configured anti-virus software installed and enabled.
	All users must recognize that the use of the VPN system does not guarantee that all transmissions between the remote PC and the NCCC network are secure. It is the user’s responsibility to configure their applications to use the VPN if they desire their transmissions to be secure.
	The operating system for all remote systems must be kept current by applying “patches” as they become available.
	In order to use the VPN service all remote systems must be Windows XP or Windows Vista operating systems. Other systems will not be supported.

Responsibilities of Department:

Reviewing the users request for access and submitting it to Technology Services.

Assuring that the user has reviewed this policy.

Procedures:

User requests for VPN Remote Access Service are initiated through the departmental director.

Department directors determine who will be authorized for VPN Remote Access Service within their department.

Once authorized, the department director sends the request for access to Technology Services.

VPN Remote Access Service is granted only after the user has confirmed that he/she has reviewed this policy, specifically the requirements outlined in the “Responsibility of Users” section.

Technology Services is the user’s primary point of contact for assistance with installation of the VPN client and resolution of problems with individual user client set-up and operation. Contact the technology services help desk (help@neosho.edu or 431-2820 x290) for client installation procedures.

CONSEQUENCES:

Failure to abide by the requirements of this policy and/or any procedures that are developed to implement this policy may result in termination of the user’s or departmental VPN privileges. Users may also be subject to sanctions, including the loss of computer or network access privileges, disciplinary action, suspension, termination of employment, dismissal from the University, and legal action. Some violations may constitute criminal offenses under local, state, and federal laws. The University will carry out its responsibility to report such violations to the appropriate authorities.

A-Z Index A B C D E F G H I J K L M N O P Q R S T U V W X Y Z