R EMOTE A CCESS TO CCAC C OMPUTER N ETWORKS
VII.01; VII.02
Policy Reference(s):
ITS
Responsible Department(s):
April 17, 2017
Approval Date: Revision Date(s):
P URPOSE The purpose of this regulation is to define rules and requirements for connecting to CCAC’s computer network (or any network managed by CCAC) via the Internet from any location that is not connected to the CCAC network. These requirements are designed to minimize the risks, liabilities and harm to CCAC and its students, faculty, staff and other authorized users which may result from unauthorized access to CCAC’s computer networks and other Information Technology Resources. 4 Such risks include, but are not limited to, the loss of sensitive or confidential information, damage to the College’s public image, damage to critical CCAC internal systems, and fines or other financial liabilities that may be caused by or result from data security breaches. S COPE This regulation applies to all authorized CCAC employees, contractors, vendors and agents (hereafter referred to as “user”) that use a CCAC-owned or personally owned computer, laptop, smartphone, tablet or other device to remotely connect to CCAC’s computer networks and other Information Technology Resources. It also applies to remote access connections used to perform work on behalf of CCAC including reading or sending email and utilizing the College’s intranet web resources and applications. Finally, this regulation covers any and all technical implementations of remote access used to connect to CCAC networks. Remote access implementations that are covered by this regulation include, but are not limited to, DSL, cable modems, fiber optic networks, VPN, SSH, Wi-Fi, and cellular networks. U SER R ESPONSIBILITIES General 1. Storage of confidential information on any personally-owned computer, storage device and/or any personal cloud storage account is prohibited. The foregoing prohibition extends to the act of forwarding confidential information to a personal e-mail account, regardless of whether such information is contained in the body of an e-mail or in an attachment to an e-mail. Confidential information, as used herein, refers to and includes data, materials, products, technology, computer programs, specifications, manuals, business plans, software, marketing plans, business plans, and
4 For purposes of this regulation, the term “Information Technology Resources” shall have the same meaning as set forth in Board Policy VII.01.
148|Page
Made with FlippingBook Learn more on our blog