FlexWork Technology, Support and Guidelines

Definitions

Endpoint Device: Any laptop, desktop, tablet, smartphone, or similar end-user computing device used to conduct College work or process College data.


College Owned Endpoint Device: Any endpoint device that has been procured in part or in full with College funds.


Endpoint Peripheral: Any technology device connected directly to an endpoint device such as a keyboard, mouse, webcam, microphone, headset, printer, or scanner. Note: Standards for these devices can be found in the ETS FlexWork Standards & Support Options.

ISP: An Internet service provider is an organization that provides services for accessing, using, or participating in the Internet.


Network Device: Any router, hub, modem, switch, or similar device used to manage or operate a network to conduct remote work.

 

Standards
Endpoint Devices

When performing college work under a FlexWork agreement users employees must abide by the Remote Work Information Security Requirements.


The College supplies a Laptop with a standard configuration for each qualified position. This configuration does not include accessories which are outside of the scope of the Technology Replacement fund. Endpoint peripherals such as:

  • Additional Monitors
  • Extra keyboard and mouse
  • Docking stations
  • Additional power supplies or chargers
  • Ergonomic devices (keyboard trays, standup desks, etc.)
  • Additional computers

These accessories must be paid for by the employee or the employee’s department budget.

ETS can only offer to exchange your desktop for a laptop when your computer is due for replacement. If you need to do this outside of the cycle the employee’s department may need to cover the financial gap in the replacement cycle. 


Any college owned equipment, such as a desktop workstation, that leaves campus must be approved by their  Senior Administrator and registered with the IT Procurement and Asset Manager, except for portable devices (laptops, tablets, etc.)

Phones

Physical Cisco phones will only operate when plugged into the college campus’ network. A Cisco Jabber softphone license is available as part of the standard configuration pre-installed on all laptops.  A WebHelpDesk ticket will need to be placed in order to activate the Jabber softphone utility. 


Cisco Jabber can also be installed on mobile devices such as phones and tablets. 


Printing

MFD printing is available on campus. Printers for use in College office spaces or for home FlexWork arrangements may not be purchased with College funds. Printing supplies for personally-owned printers may be reimbursable by the department.

 

Support Options for Remote Work


College owned Endpoint Devices

Computer Support Services staff can perform some remote troubleshooting of College devices. You may need to bring the computer into the IT Service Desk for more extensive evaluation and  repair.


Non-College owned Endpoint Devices

Computer Support Service staff will make a best effort to assist employees working from home on non-College owned endpoints. Maintenance and repair of non-College-owned devices used for FlexWork arrangements are the responsibility of the employee.


ETS staff will give guidance on non-College owned equipment, but do not offer any other services such as repair or replacement of vital components. College software licenses cannot be installed on non-College owned devices. It is the responsibility of the employee for software licenses on their devices. Selected software can be purchased through the College via On-the-Hub.

 

Network Requirements

The remote network that employees use for a FlexWork agreement should be stable and reliable and have the following features:

  • Wireless networks should be password protected, not open to the public
  • If your ISP supplied the router they will have preset a password for the router. If you purchased your own router you must change the manufacturer's default password.
  • Must have at least 50Mb/s of bandwidth especially when using VPN
  • VPN is required to access College internal and restricted data

The College does not cover the cost for home internet access for employees. 


Please refer to the document linked below for a list of suggested computer accessories that might improve your work at home experience better. 

Recommended Peripherals

 

Information Security Standards


Remote Networks

1.  Using an open or “public” network such as those available at hotels, coffee shops, airports, etc. is highly discouraged in general. If you must resort to them the College’s VPN should be used whenever connecting from these locations. 


2.  Network devices on home networks must meet the following criteria. Make an appointment with the IT Service Desk with questions:

  • Automatic updates must be enabled.
  • If you are setting up your own router not managed by an ISP
    • the default wireless network name (SSID) should not be used.
    • the wireless password security must utilize the WPA2 standard.

All Endpoint devices
Regardless of ownership, all endpoint devices used to conduct work under a FlexWork agreement must meet the following criteria:

  • The device must have an operating system installed that is supported by the manufacturer and configured to receive security updates automatically.
  • The device must have an automatic lockout enabled that occurs after 15 minutes (at most) of inactivity by the user.
  • The device must be configured to require a password, passphrase, pin, or other security key to sign into the device.
  • The device must have the following software installed and configured:

College-owned Endpoint devices
If the endpoint is owned by the College, it must additionally meet the following criteria:

  • The device must be managed and supported by the Computer Support Services Team.
  • The device must be registered and actively managed in the following College systems:
    • Meraki Endpoint Manager
    • The device must have the following software installed and configured:
      • Malwarebytes Endpoint Protection
      • Forticlient VPN
      • Druva Insync

 

Device & Data
Employees operating under a FlexWork agreement must ensure that they are the only individual with access to College data at the remote work location.


Family, friends, and guests are prohibited from using College-owned equipment. Separate user profiles must be used for equipment not owned by the College. Please reference the College-owned Computer Use Agreement 


Employees operating under a FlexWork agreement with a need and authorization to use data that is classified as restricted under the College Data Classification Policy, must be compliant with the following:

  1. Must have a Confidentiality Agreement filed with ETS
  2. Restricted data may be accessed but not stored on a non-college owned endpoint.
  3. Restricted data may be accessed and stored on college owned endpoints.