As more and more users work from remote locations, the need for secure access to networks, systems, and data continues to grow. This policy provides guidelines to help IT ensure that VPNs are properly deployed and outlines acceptable use policies for end users on company-issued and personal devices.

From the policy:

Many organizations rely on a virtual private network (VPN) to accommodate remote and mobile employees, providing secure access to internal networks, systems, and data. Deploying a VPN in your organization can simplify providing access to these resources. VPNs can also be used in conjunction with single sign-on services and outside applications (such as Slack or G Suite) to streamline business applications usage and identity management, making it easier for employees to work from anywhere.

Policy details
Using a VPN to access internal resources comes with responsibilities to uphold network security, as well as to safely and equitably use company resources.

Acceptable use policy
Hardware, software, network services, and support provided by the organization for VPN or remote usage are for the exclusive purpose of performing or fulfilling job responsibilities. Use of these resources is contingent on your agreement to comply with this policy and directions for and/or restrictions of use of these resources as determined by IT personnel.

• Use of resources provided by the organization for personal activities, including social media and media streaming, is prohibited.
• Use of resources for copyright infringement (file sharing, etc.), pornographic content, or illegal content is prohibited.
• Users assume personal responsibility for the appropriate use of these resources, subject to applicable organizational conduct policies, as well as city, state, and federal laws and regulations.