Effective Date:
Revised Date:
Periodic Review Completed:
Category: General College
Responsible Office: Computing & Information Technology
Office Number: (585) 245-5577
Scope
All vendors and contractors that have remote support arrangements in place with campus units.
Policy Statement
| Excerpt |
|---|
Some campus units have remote support arrangements in place with vendors and contractors. CIT recognizes the value of having support arrangements and has guidelines for facilitating remote access to campus systems and networks. |
Definitions
Virtual Private Networking (VPN)
Multi Factor Authentication (MFA)
Policy
Unsupervised remote access to campus resources is a security risk. CIT recommends the use of a screen sharing solution such as Zoom to provide vendor access to systems on campus. The guest can connect to the computer of a campus employee, through which they would complete their work. Guest activities should be supervised by the employee that facilitates the connection.
When this solution is not viable, access can be managed through named (individual) courtesy accounts for the personnel working for each vendor or contractor. The accounts would be used to access the campus network via VPN. VPN requires multi-factor authentication, which prohibits sharing of these remote access accounts.
CIT will issue named courtesy accounts for VPN access to guests after a written request is received with justification and information of how the vendor or contractor will manage the user account information that has been assigned to them. To request an account, please visit the SUNY Geneseo Help Center or contact the CIT HelpDesk at 585-245-5588.
CIT regularly audits courtesy account permissions.
Frequency of Review and Update: At least every 5 years.
Signature: Susan E Chichester
Name of Responsible Officer Sue Chichester
Title of Responsible Officer CIO & Director, Computing & Information Technology
Date of Approval:
| Page properties | ||||||
|---|---|---|---|---|---|---|
| ||||||
|