Villanova University recognizes the need of its students, faculty and staff to access university data when they are not physically on campus. The purpose of this policy is to state the requirements for remote access to computing resources hosted at Villanova University. In addition, this policy is intended to instruct and inform the university community about the individual responsibility to protect Villanova data against inappropriate use and unauthorized disclosure.
1. While connected to Villanova University computing resources, remote access users are required to follow university policies at all times, including the Acceptable Use Policy.
2. All remote devices as set forth in the scope of this document must have appropriate security protections enabled. These protections include but are not limited to, the use of anti-virus software with the latest virus definitions installed, all appropriate operating system security patches applied and a personal firewall installed where available.
3. Any remote access users who are utilizing the SSL VPN gateway should remain connected for only as long as they are conducting business related work for the University and are encouraged to disconnect as soon as that work is completed.
4. At no time is a remote user to remain connected to any Villanova network for more than 12 continual hours, unless pre-approved by UNIT (University Information Technologies).
5. At no time is a remote user to connect Villanova’s network to any other network or device beyond the initial device making the connection. This includes, but is not limited to split tunneling, dual homing, or otherwise re-routing Villanova traffic beyond the intended endpoint.
6. Remote access users are not permitted to download or otherwise store university data which is considered confidential or contains Personally Identifiable Information (PII) on their personal remote computing devices. This includes the transfer of such data to a personal cloud service such as Dropbox or Google Drive. For specific considerations of where data may be stored, please consult the Data Storage Table within the University Cloud Storage Policy.
7. If any device used for remote access is lost, stolen, or otherwise removed from the user’s control, the authorized user will be responsible for notifying UNIT immediately.
8. Remote access user’s agree to immediately report to UNIT any incident or suspected incidents of unauthorized access and/or disclosure of company resources or information.
9. Any device connecting to Villanova computing resources is subject to monitoring, which may include but is not limited to date, time, duration of access, identification of endpoint and all traffic which traverses Villanova networks. Personal files on non-university equipment will not be monitored.
This policy applies to all Villanova University faculty, staff, students, contractors, guest account holders, and any other agents who remotely connect to Villanova University computing resources, other than those available on the public Internet. This policy also applies to all devices which are used by authorized individuals for remote access, whether personally-owned, university issued or otherwise obtained. These devices include but are not limited to workstations, laptops, tablets, smartphones, servers, consoles, controllers, and any other computing device which is capable of communicating on Villanova’s IP-based Ethernet network.
Employment or attendance at Villanova does not automatically guarantee the granting of remote access privileges. Remote access privileges must be approved and may be revoked for violation of this or any other university policy.
The latest version of this document can be found on the Villanova University website at: http://www1.villanova.edu/villanova/unit/about/policies/7120_secure.html
Instructions for accessing Villanova’s SSL VPN gateway can be found here:
Complete listings of all University IT Policies can be found here: http://www1.villanova.edu/villanova/unit/about/policies.html
UNIT staff can provide recommendations and support for this policy through specific considerations and technologies. To download a free copy of Symantec Endpoint Protection, please click here:
Further information about securing your home wireless router can be found here:
Remote access is defined as any external connection by a device/host (University issued or privately owned) to Villanova’s internal data network to access computing resources owned, managed or maintained by Villanova University from an off-site location, such as the employee’s home, a hotel room, airports, cafés, remote office, or other off-campus location.
Version 1.0 Approved February 09, 2016 by VP&CIO Stephen Fugale and the University Council on Information Technology (UCIT).