Telecommuting Technical Requirements

By accessing �鶹��ý technology services with personal equipment, users must understand that their machines are a defacto extension of the �鶹��ý network, and as such are subject to the same rules and regulations that apply to �鶹��ý owned equipment, i.e., their machines must be configured to comply with all �鶹��ý security policies. All computers connected to �鶹��ý campus networks remotely must use up-to-date virus-scanning software and virus definitions. Additionally, all relevant security patches must be installed. The University is not responsible for supporting personally owned computers, including for flexible work arrangements. The University is not responsible for damage or loss to the personally owned equipment, and if used, is subject to the University’s right of inspection. There will be no expectation of privacy as to files kept on any computer used during a flexible work arrangement. It is the responsibility of the employee with telecommuting privileges to ensure that unauthorized users are not allowed access to �鶹��ý campus networks. Individuals accessing the University’s internal network, servers, and services must take responsibility for implementing the following safeguards on their devices and follow University Procedure 4200 at all times.

Desktop and mobile devices that contain or provide access to institutional data must be password protected against unauthorized access. These computers and devices should be shut down when not in use for extended timeframes. The device should always be monitored to ensure no other individuals have access to the computer while using �鶹��ý services. Any remote access services used while telecommuting are to be used solely for �鶹��ý business and/or to support academic initiatives.

Remote access through VDI is controlled using two-factor authentication composed of an ID and a one-time-use passcode. For �鶹��ý employees using remote access technologies (VDI), the user ID is in the form of their Go �鶹��ý Portal username and password. The passcode is provided to the user via either a physical (hard) or application-based (soft) encrypted token.

Remote access gateways (VPN) on the campus network are provisioned by �鶹��ý’s Information Security team and are issued at the discretion of the Associate Director for Information Security or the Chief Information Officer. User created remote access gateways will not be permitted on the �鶹��ý network. Remote access users may be automatically disconnected from the �鶹��ý network after sixty minutes of inactivity. Artificial network processes are not to be used to keep connections alive.

Employees who telecommute or work remotely must comply with all University policies and procedures, including adequately safeguarding and securing any restricted or confidential information found in the Guidelines for Safeguarding Personally Identifiable and Confidential Information from Unauthorized or Accidental Disclosure. The employee shall, whenever possible, guarantee that an appropriate space is available in the home (or other approved remote site) to provide for an effective work environment and data integrity. The employee should not telecommute from a public place whenever avoidable.