Smeal College of Business
Services & Support About Search

Research Instruction & Information Technology Group

Remote Access Policy: SCB–RAP–AD20

Find information concerning standards for connecting to the Smeal College of Business network from any remote host.

1.0 Purpose

The purpose of this policy is to define standards for connecting to the Smeal College of Business network from any remote host. These standards are designed to minimize the potential exposure to the Smeal College of Business from damages which may result from unauthorized use of Smeal College of Business resources. Damages include the loss of institutional sensitive or confidential data, intellectual property, damage to public image; damage to critical Smeal College of Business internal systems, etc.

2.0 Scope

This policy applies to all Smeal College of Business employees, contractors, consultants, temporary personnel, and other workers or students with a Smeal College of Business owned or personally owned computer or workstation that is used to connect to the Smeal College of Business network or computing resources. This policy applies to remote access connections used to do work on behalf of the Smeal College of Business and/or University, including reading or sending email, viewing intranet web resources or accessing internal Smeal or Penn State sytems (AIS, Calendar, etc).

Remote access implementations that are covered by this policy include, but are not limited to, dial-in modems, ISDN, DSL, VPN, SSH, and cable modems, etc.

3.1  Policy

3.2 General

  1. It is the responsibility of the Smeal College of Business employees, contractors, vendors and agents with remote access privileges to the Smeal College of Business network to ensure that their remote access connection is given the same consideration as their on-site connection to the Smeal College of
  2. Please review the following policies for details on protecting information when accessing the college network remotely, and for details on the acceptable use of the Smeal College of Business network:
    1. Smeal College of Business Virtual Private Network (VPN) Policy SCB-VPN-01
    2. Smeal College of Business Acceptable Use Policy: SCB-AD20
    3. Smeal College of Business - Anti-Virus and Anti-Spyware Protection

3.3  Requirements

  1. Secure remote access must be strictly Control will be enforced via the Smeal College of Business VPN gateway.
  2. At no time should any Smeal College of Business employee provide their login or email password to anyone, not even family members.
  3. Smeal College of Business employees and contractors with remote access privileges must ensure that any PC, PDA, Cell phone or other computing device either personally owned,

or provided, by the Smeal College of Business which is used to remotely connect to the Smeal College of Business network, is not connected to any other network at the same time, with the exception of personal networks that are under the complete control of the user.

  1. All hosts connected to the Smeal College of Business internal networks via remote access technologies must use the most up-to-date anti-virus software, this includes personal
  2. For remote access, personal equipment used to connect to the Smeal College of Business networks must meet all the same requirements as equipment provided and owned by the Smeal College of Business.
  3. Organizations or individuals within the Smeal College of Business may NOT implement non-standard Remote Access solutions to the College production network without obtaining prior approval from the RIIT

4.0 Enforcement

The Smeal College of Business Research Instructional and Information Technology Group (RIIT Group) has been authorized by the Dean of the Smeal College of Business to enforce this policy.

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

5.0 Definitions

Term

Definition

Cable Modem

 Cable companies such as AT&T Broadband provide Internet access over Cable TV coaxial cable. A cable modem accepts this coaxial cable and can receive data from the Internet at over 1.5 Mbps. Cable is currently available only in certain communities.
Dial-in Modem A peripheral device that connects computers to each other for sending communications via the telephone lines. The modem modulates the digital data of computers into analog signals to send over the telephone lines, then demodulates back into digital signals to be read by the computer on the other end; thus the name "modem" for modulator/demodulator.
DSL Digital Subscriber Line (DSL) is a form of high-speed Internet access competing with cable modems. DSL works over standard phone lines and supports data speeds of over 2 Mbps downstream (to the user) and slower speeds upstream (to the Internet).
ISDN There are two flavors of Integrated Services Digital Network or ISDN: BRI and PRI. BRI is used for home office/remote access. BRI has two "Bearer" channels at 64kbit (aggregate 128kb) and 1 D channel for signaling info.
Remote Access Any access to Smeal College of Business networks or computers through a non-Smeal College of Business controlled network, device, or medium.
VPN Virtual Private Network - A device or software that allows a remote computer to create a secure tunnel through an unsecure public network in order to safely access a corporate network
SSH Secure Shell – a replacement for telnet that encrypts shell sessions to remote servers.

6.0 Revision History

06/04/2007 - Initial modification from COE policies, used with permission in conjunction with the Penn State IPAS project. http://www.ipas.psu.edu/

Printable PDF available

I Want To