Statement

WTAMU establishes, documents, and reviews usage restrictions, configuration/connection requirements, and implementation guidance for each type of remote access allowed.

Applicability

This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, custodians, and users of information resources.

Implementation

• All remote access connections must be authorized prior to allowing such connections. 
• It is the responsibility of WTAMU employees, contractors, vendors, and agents with VPN privileges to WTAMU networks to ensure that their remote access connection is given the same consideration as the user's on-site connection to WTAMU. Employees shall understand their responsibilities for protecting Personally Identifiable Information (PII) data, and the consequences for mishandling PII.
• It is the responsibility of all employees with VPN privileges to ensure that unauthorized users are not allowed access to WTAMU internal networks.  Every reasonable effort shall be made to ensure the confidentiality, integrity, and availability of information and information systems used remotely (e.g., not leaving laptops and other devices unattended or in public plain view).
• Multifactor Authentication is required for all University employees utilizing VPN.
• When actively connected to WTAMU’s network, the VPN connection will force all traffic to and from the computing device (PC laptop, tablet) over the VPN tunnel; all other traffic will be dropped.
• Split tunneling is not permitted; only one network connection is allowed. If non-work related network access is needed, the employee should first disconnect the VPN connection.