- In today's business environment, being able to access information stored on your work station quickly from any location can be critical. To be able to access data on your own work station requires Virtual Private Network (VPN) access. VPN is a secured private network connection built on top of a public network, such as the Internet. A VPN provides a secure, encrypted connection, or tunnel, over the Internet between an individual computer (such as a computer off campus) and a private network (such as ChSCC's). Use of a VPN allows authorized members of the ChSCC community to securely access ChSCC network resources as if they were on the campus.
- Access for eMail or Self Service Banner (SSB) does not require VPN access. Faculty, staff and students can access email from Office 365. SSB can be accessed through TigerWeb. Please contact the ITS Help Desk for instructions for either of these two access avenues.
- The purpose of this policy is to state the requirements for remote access to computing resources hosted at ChSCC using Virtual Private Network (VPN) technology.
- These standards apply to all ChSCC employees (except for student workers or other workers that are not authorized VPN access), authorized users, contractors and visitors that have verified access requirements to ChSCC computing resources or data. All College wireless and wired local area network (i.e., WLAN) technologies, both inside and outside areas at all ChSCC campuses are covered.
VPN Access Security Standards and Request Process:
- ChSCC employees, and authorized third parties (customers, vendors, etc.) may utilize VPN to access ChSCC computing resources for which they have been granted access. Access is determined by the requesting individual's immediate supervisor or by the individual that is responsible for vendors/contractors based on business requirements for the assigned job duties.
- Regular, full-time ChSCC faculty or staff employees that have a valid ChSCC Domain User Account may request VPN access to the ChSCC network by completing a VPN Request Form and an Information Technical Services Work Order (available on ITS web page and click on Access Requests https://itservices.chattanoogastate.edu/. All requests for VPN will include business justification and the form should be signed by appropriate Director or higher level of management. This justification should address exactly what type of work will be done off campus that will require VPN access. Requests without the business justification will be returned to the requestor as incomplete. This stringent security requirement is to ensure that only those individuals that have job duties that require the need to access INB from an off- site location are granted access in order to lessen the security risk.
- VPN access is valid for only a set period of time, not more than one (1) year at a time. Access justification will be resubmitted annually. Further information, please go to ITS web page Access Requests.
- Only individual accounts may be granted VPN access to ensure accountability. For specific account requirements, please go to ITS web page Access Requests.
- Vendor Accounts may be granted VPN access. Vendor accounts must be sponsored by a ChSCC Director or higher level manager. The account sponsor bears responsibility for the account and its use by the vendor. If the vendor account does not already exist, a request to establish one must be made at the same time VPN access is requested.
- In order to use the VPN from off campus, you will need a connection to the Internet. ChSCC does not provide you with an Internet connection or equipment to use for off-site work on a permanent basis. You will need to connect your off-site desktop or laptop with your Internet Service Provider. While dial-up Internet connections may utilize a VPN connection, performance is very slow and is not recommended or supported. For further details to access VPN from your personal computer/laptop/etc., please go to the ITS Web Site
- It is the responsibility of all ChSCC employees and authorized third parties with VPN privileges to ensure that unauthorized users are not allowed access to internal College networks and associated content.
- All individuals and machines, while using ChSCC's VPN technology, including college-owned and personal equipment, are a de facto extension of ChSCC's network, and as such are subject to the College's Acceptable Use Policy.
- All computers connected to ChSCC's internal network via the VPN or any other technology must use a properly configured, up-to-date operating system and anti-virus software; this includes all personally-owned computers.
- Redistribution of the ChSCC VPN Installer or associated installation information is prohibited.
- All network activity during a VPN session is subject to ChSCC policies.
- All users of the ChSCC VPN shall only utilize resources for which they have been granted permission and rights to use.
1. These standards comply with and are based on the laws of the United States, State of Tennessee, Tennessee Board of Regents, and other regulatory agencies. This includes all applicable federal and state laws which govern the privacy, confidentiality, security and use of data, and the use and security of computer systems and data including: The State of Tennessee Department of Finance and Administration Office for Information Resources. If this Guideline conflicts with federal or state statute, the applicable statute shall apply.
2. Additionally, other College Policies, Guidelines, Standards and/or campus procedures may impose certain restrictions that are not specifically covered by state and federal statue or regulations.
- ChSCC IT Policy 08:14 Responsible Use Policy