Remote and VPN Access to Campus Systems for Contractors and Vendors
Policy Statement
Some campus units have remote support arrangements in place with vendors and contractors. CIT recognizes the value of having support arrangements and has guidelines for facilitating remote access to campus systems and networks.
Definitions
Virtual Private Networking (VPN)
Multi Factor Authentication (MFA)
Policy
Unsupervised remote access to campus resources is a security risk. CIT recommends the use of a screen-sharing solution such as Zoom to provide vendor access to systems on campus. The guest can connect to the computer of a campus employee, through which they would complete their work. Guest activities should be supervised by the employee who facilitates the connection.
When this solution is not viable, access can be managed through named (individual) courtesy accounts for the personnel working for each vendor or contractor. The accounts would be used to access the campus network via VPN. VPN requires multi-factor authentication, which prohibits the sharing of these remote access accounts.
CIT will issue named courtesy accounts for VPN access to guests after a written request is received with justification and information on how the vendor or contractor will manage the user account information that has been assigned to them. To request an account, please visit the SUNY Geneseo Help Center or contact the CIT HelpDesk at 585-245-5588.
CIT regularly audits courtesy account permissions.
Frequency of Review and Update: At least every 5 years.
Signature: Susan E Chichester
Name of Responsible Officer Sue Chichester
Title of Responsible Officer CIO & Director, Computing & Information Technology
Date of Approval: