USM Computing Services Blog

In the never ending security battle we are defending one more front. The technology that allows desktop computers to access USM’s file servers does not encrypt all communication between workstations and servers. This has been an outstanding concern for some time, primarily for wireless and remote (home) access to data. Beginning the week of August 10th-14th all unencrypted access to the file servers will be disabled and you will need to use one of the alternative methods described below.

Hard-wired on-campus computers are relatively secure as the University maintains all the equipment between an office computer and the server. These lines are physically secure (reasonably) and pose less of a security risk than wireless or remote access. With that in mind we are attacking the highest and most achievable security risk, wireless and remote access.

Wireless and remote computers are, from the University’s point of view, relatively insecure. On-campus wireless access is not encrypted and open to easy interception by anyone in range of the radio signal. Home and other remote connections pass through public (non-University) networks and could similarly be intercepted during their travels on the Internet superhighway. Both of these have a high possibility of exposing sensitive or private data and causing the University and individuals irreparable harm.

To address the clear security concern, we must change the method you use for remote and wireless access to the USM file servers. This action will prevent any computer not physically wired and located on the University network from accessing the USM file servers. This means access to shared and individual network drives such as N:, O:, U:, etc. will no longer be possible from a wireless or remote computer. Many people will be affected by this change and their method of working off-campus must change. This does not affect use of the desktop GroupWise client.

There are a couple of options for people to work off-campus and on the University wireless network:

• Web-Access: for non-University equipment, personally owned computers, etc.. the University provides email at gw.usm.maine.edu and file access at myfiles.usm.maine.edu.
• Virtual Private Network (VPN): for University owned equipment that are associated with a “port charge.” Allows full access to network drives and printers (not supported for off-campus use)

These two alternatives have been tested and used by staff for many months, or even years in the case of web-access. They are both available immediately. The web-based options can be used without delay. The VPN option requires a software installation through the HelpDesk (780-4029 or helpdesk@usm.maine.edu).

This entry was posted on Thursday, July 16th, 2009 at 8:46 am and is filed under internet, security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.