Search MSMC

Mount Saint Mary''s College

Home » Office of Information Technology » Remote Access Policy

Remote Access Policy

Remote Access - Defined

Remote Access is term used to describe connectivity to the MSMC
network from personal computers not directly connected to the network,
such as those located in a private residence or other off-campus location. Remote
Access provides authorized users access to e-mail, library services, file
services, MSMC business applications and IP-based on-campus services,
as they may be made available.

Policy, Applicability, and Ownership

The Remote Access Policy describes the terms and conditions under
which remote access may be used, and incorporates by reference the
Appropriate Use Policy regarding use of MSMC Computer and Network
Resources which is located at http://www.msmc.la.edu/pages/3876.asp.
All use of remote access services must comply with applicable local,
state and federal laws, which are also incorporated by reference.

Permitted Uses

Remote access services may be used only for the conduct of College-
related academic and administrative work. Personal, family, private or
commercial use of any service available remotely is not permitted.

Confidentiality and Privacy

All users of remote access services are required to honor and observe
the rules of confidentiality and protection of privacy when accessing and
using any information that resides on MSMC information systems and/or
any information that pertains to College programs, students, faculty,
staff or sponsored individuals. All disclosures of student information
must comply with the provisions of the Family Educational Rights and
Privacy Act of 1974 (FERPA). All disclosures of other information must be
in compliance with established College policies.

Protection of MSMC Information Assets

Users agree to apply safeguards to protect MSMC information assets
from unauthorized access, viewing, disclosure, alteration, loss, damage
or destruction. Appropriate safeguards include use of discretion in
choosing when and where to use remotely access data or services,
prevention of inadvertent or intentional viewing of displayed or printed
information by unauthorized individuals, and use of antivirus and backup
software on remote computers.

Highly Sensitive Information

Certain types of highly sensitive information such as student records,
certain financial records, or medical information, may not have a
legitimate use outside the MSMC campus environment. Users, their
supervisors and managers, are expected to exercise discretion in
selecting which information is appropriate to be remotely accessed, and
by whom. Questions about possession or use of highly sensitive
information outside the MSMC campus environment should be referred
to OIT.

Copying MSMC Data to Remote Computing and/or Other Devices

Data obtained from MSMC information systems may be temporarily
copied via remote access to remote computers, other PDA devices, and
storage devices (ie USB drives), only to the extent necessary to fulfill the
officially designated job responsibilities of the user. Users agree to
immediately return all MSMC data at termination of employment or role,
end of sponsored relationship, or upon termination of remote access
service by the College. Users agree not to provide access to, or to share
MSMC data stored on remote computers with anyone, except only as
explicitly authorized in writing by their manager or supervisor .

Storage of Private or Personal Data on MSMC Information
Systems

Remote access to data or services may not be used to copy private or
personal information such as that residing on a privately-owned
computer, to MSMC file shares or other MSMC-owned information
systems.

Offsite Printed Copies of Information Obtained Through Remote Access Services

Offsite printed copies of remotely-accessed information must be
protected from unauthorized access or disclosure. Proper protective
measures include securing materials when unattended and shielding
materials from unauthorized viewing. Proper disposal procedures include
shredding or obliteration of sensitive information prior to disposal.

Ownership of Work Products

Work done at a remote location is considered official College business.
All work products such as files, tables, reports, databases, programs and
other content created while remotely accessing data or services are
considered official records, and are the property of the College, except
only as stipulated in Intellectual Property or other formal legal
agreements that may exist between a user and MSMC.

Incident Reporting

Users agree to immediately report to their manager or supervisor, all
incidents involving suspected or actual unauthorized access, disclosure,
alteration, loss, damage or destruction of data. Managers and
supervisors agree to immediately report these incidents to the MSMC
CIO or VP of Information Services.

Liability

MSMC assumes no liability or responsibility for any damages or losses of
any kind to personally-owned property or the property of parties other
than the College that may oc   cur as a result of, or incident to, the
remotely accessing data or services. Users of remote access services
agree to accept responsibility for all transactions conducted under their
user ID.

Policy Violations

Where a possible or actual policy violation is identified, the appropriate
system manager or unit head will undertake a review and initiate
appropriate action, in accordance with College pol cy. In addition, the
College may require restitution for any use of service that violates the
policy. The College may also pr  ovide evidence of possible illegal or
criminal activity to law enforcement authorities.

Service Changes

MSMC retains the right to amend the terms of the remote access policy
at any time, and to alter, change, suspend or terminate remote access
service as may be required, at any time, in its sole discretion, with or
without notice to users.

Approved: Cabinet 4/16/07