Remote Work Assignments

These standards are required for any University employee that enters a remote work assignment as defined in the 3.1.31 Policy on the University Policies and Procedures website.

Definitions

Endpoint Device: Any laptop, desktop, tablet, smartphone, or similar end-user computing device used to conduct University work or process University data.

University Owned Endpoint Device: Any endpoint device the has been procured in part or in full with University funds.

Endpoint Peripheral: Any technology device connected directly to an endpoint device such as a keyboard, mouse, webcam, microphone, headset, printer, or scanner. Note: Standards for these devices have not yet been established.

Network Device: Any router, hub, modem, switch, or similar device used to manage or operate a network to conduct remote work.

Standards

Remote Networks

Non-University owned or operated networks used in the course of a remote work assignment must meet the following criteria:

1. The network must not be an open or “public” network such as those available at hotels, coffee shops, airports, etc.
2. The network must be configured in the following manner:
1. Where permitted by the device, the default administrator password must be changed on all networking devices.
2. Automatic updates must be enabled on all networking devices.
3. Where permitted by the device, the default wireless network name (SSID) must be changed on all networking devices.
4. The wireless security must be set to WPA2 or stronger.
5. The wireless password must be compliant with the University Password Procedure.

All Endpoint Devices

Regardless of ownership, all endpoint devices used to conduct work under a remote work assignment must meet the following criteria:

1. The device must have an operating system installed that is supported by the manufacturer and configured to receive security updates automatically.
2. The device must have an automatic lockout that occurs after 15 minutes of inactivity by the user.
3. The device must require a password, passphrase, pin, or other security key to sign into the device.
4. Family, friends, and guests are prohibited from using University-owned equipment.
5. Separate user profiles must be used for equipment not owned by the University.
6. The device must have the following software installed, configured, and enabled:
1. Cisco AnyConnect VPN + Umbrella software (Request software by emailing supportcenter@ilstu.edu)
2. OneDrive cloud storage software
3. Anti-virus software
4. Firewall software

Data Usage and Storage

All employees, including those operating under a remote work assignment, must comply with the 9.8.1 Data Classification Procedure. Employees operating under a remote work assignment must ensure that they are the only individual with access to University data at the remote work site.

Additional requirements for remote work endpoints are listed below:

Updates

These standards will be updated as necessary to ensure compliance with applicable regulation and institutional policy and procedure. This section will record summary notes of such changes.

• 05/05/2026 - Major update to align with the updated 9.8.1 Data Classification Procedure
• 08/02/2021 - Added instruction to contact the ISO for the Cisco VPN + Umbrella client.
• 05/25/2021 - Fixed hyperlink to the University 3.1.31 policy page.
• 05/20/2021 - Revised the language and formatting in the highly restricted and restricted data sections for clarity.