Overview
Virtual Private Networking (VPN) is a method of connecting users who are not physically on the College’s campus with the York College data network. Users can access and work with their files stored on campus servers from any remote location that provides internet access via high-speed lines.
Purpose
The purpose of this policy is to provide guidelines for requesting, approving and implementing VPN connections to the York College of Pennsylvania (YCP) network.
Scope
This policy applies to all YCP employees, contractors, consultants, and other workers including all personnel affiliated with third parties utilizing VPNs to access the YCP network.
Policy
Approved YCP employees and authorized third parties may utilize the benefits of VPNs, which are a "user managed" service. This means that the user is responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying any associated fees regarding the ISP.
Additionally,
-
It is the responsibility of employees with VPN privileges to ensure that unauthorized users are not allowed access to YCP internal networks.
-
VPN gateways will be set up and managed by the YCP Library and Technology Services (LTS) department.
-
All computers connected to YCP internal networks via VPN or any other technology must use currently supported anti-virus software and anti-virus definitions must be kept up to date using the software's automatic update features. Additionally, critical security updates for the system's operating system must be installed within one month of release.
-
By using VPN technology with personal equipment, users must understand that their machines are a de facto extension of York College's network, and as such are subject to the same rules and regulations that apply to York College-owned equipment. (See Acceptable Use Policy)
Approval
VPN access may be requested and will be evaluated on a case by case basis and approved or disapproved by the LTS.
Enforcement
Users who violate this policy may be denied access to College computing resources and may be subject to other penalties and disciplinary action, including possible dismissal. Alleged violations will be handled through the college disciplinary procedures applicable to the user. The College may suspend, block or restrict access to an account, independent of such procedures, when it reasonably appears necessary to do so in order to protect the integrity, security, or functionality of the College or other computing resources or to protect the College from liability. The College may also refer suspected violations of applicable law to appropriate law enforcement agencies.
Revised 6/12/2019