I. INTRODUCTION
The IIT Virtual Private Network (VPN) provides a secure encrypted network connection over the Internet between authorized IIT users and the University network. The VPN offers secure access for faculty and staff who need access to information technology systems that are not otherwise available from off-campus networks.
II. PURPOSE
The purpose of this policy is to provide guidelines for VPN connections to access IIT network resources off-site.
III. PROCEDURES
- VPN does not provide Internet connectivity; it provides secure access into the IIT Network. Individual users are responsible for selecting an Internet Service Provider (ISP), coordinating installation, and installing any required software necessary for Internet service.
- VPN accounts will only be provided to IIT faculty and staff upon request.
- Student will only be provided a VPN account for academic purposes on a case-by-case basis and requests for student accounts must be sponsored and submitted by a full-time faculty member.
- All requests for VPN accounts must be routed through the IIT Support Desk at support.iit.edu or 312.567.3375.
- Only the VPN client software that is distributed by OTS may be used to connect to the IIT VPN servers.
- By using VPN technology with personal equipment, users must understand that their machines are a de facto extension of IIT’s network, and as such must comply with the IIT Acceptable Network Usage Policy.
- The VPN client is currently available for Windows, Mac OS X, Linux, iOS and Android devices. Approved users are responsible for the installation of the VPN client software.
- All computers connected to IIT’s internal networks via the IIT VPN, must use the most up-to-date anti-virus software and operating system patches. IIT periodically scans computers connected to the IIT network to assure compliance with the above. Devices identified as a potential security threat may be blocked from the IIT network until further action is taken by the user.
- VPN users will be automatically disconnected from the IIT network after thirty minutes of inactivity. The user must then logon again to reconnect to the network.
- It is the responsibility of users with VPN privileges to ensure that unauthorized persons are not allowed access to IIT internal networks.
IV. ENFORCEMENT
Any user found to have violated this process will be subject to loss of certain privileges or services, including but not necessarily limited to loss of VPN access.