(A) Policy statement and purpose
In order to maintain the appropriate level of protection for BGSU systems and data as well as provide for external access for authorized users, the BGSU MyVPN has been implemented by information technology services (ITS). This policy has been created to mitigate any threats and vulnerabilities to BGSU's information technology resources that are accessed through the BGSU MyVPN.
(B) Policy definitions
Virtual private network (VPN) - a "tunnel" connection created to allow secure communications over public networks.
Information technology resources - All aspects associated with management and processing of information. This includes facilities, technologies, and data used for university processing, transfer, storage, and communications. Examples of these resources, include, but are not limited to, computers, networking equipment, telecommunications equipment, electronic mail, electronic information sources, network bandwidth, wireless devices, video communications, IP telephony, university assigned accounts, voice mail, passwords, access controls, storage media, documentation, personal digital assistants.
Public computers - Any computer that is available to the general population. Example of public computers includes, but not limited to, airport kiosks, library computers, internet cafes etc.
(1) Connection to the BGSU MyVPN is considered an extension of the BGSU network. Thus usage of the BGSU MyVPN and its connected systems must be consistent with all relevant BGSU policies.
(2) Only authorized users are permitted to use the BGSU MyVPN.
(3) All users must obtain access via the BGSU MyVPN access request web form.
(4) The BGSU MyVPN must only be used for official university business.
(5) Supervisors of MyVPN users must inform ITS whenever a user no longer needs access to the BGSU MyVPN so access can be deactivated.
(6) Users may not access the BGSU MyVPN from public computers.
(a) User responsibilities
(i) Users must logout when they have completed any work through the BGSU MyVPN.
(ii) Users must report any known or suspected unauthorized usage of their BGSU MyVPN account to ITS immediately.
(iii) Users are responsible to assure the system they are accessing the BGSU MyVPN is secure. This includes, but is not limited to, ensuring the system is free from all malware (viruses, worms, trojans, spyware, etc.), firewalls enabled, and security updates applied.
(8) Enforcement and sanctions
Individuals or entities in violation of the BGSU MyVPN policy will be referred to the appropriate disciplinary authority for review. Access privileges may be suspended without prior notice if it is determined that a policy violation is causing a current or imminent threat to the confidentiality, integrity, or availability of information technology resources.
(9) Related polices
Date: August 6, 2013
Promulgated Under: 111.15
Statutory Authority: 3345
Rule Amplifies: 3345