USNA Remote Use Agreement

Remote Use is defined in USNAINST 5230.1A Information Technology and Cybersecurity Policy and Standards. This agreement applies to non-privileged end-use.

I understand and agree that: 

  1. The Acceptable Use Policy for USNA IT Resources, and the Navy User Agreement and Notice and Consent Provisions apply to remote access.
  2. Remote access is for official use only and may not be used for any personal purpose.
  3. Remote access shall only be conducted from a physically secure location safeguarded from theft and eavesdropping.
  4. Remote access will always be attended, and terminated when not in use.
  5. Use of remote access will be monitored, logged, and audited.
  6. Personally owned network devices used for remote access may be confiscated by the US Government in the event of a security incident.
  7. I am responsible for and will:
    1. Configure home network level devices to (1) comply with USNA password policy, (2) silently ignore unsolicited requests, (3) use a firewall, (4) allow administration from within the home network only, (5) use network address translation. An endpoint device on the home network shall not have an address that is globally routable.
    2. Check for and apply firmware and software updates to home network level devices at least monthly.
    3. Disable wireless access points that are not being used.
    4. Ensure that the Operating System, firmware, and application software of the endpoint device is up to date with respect to all software vulnerability patches applied to systems on the USNA mission network.
    5. Ensure endpoint devices employ on-access virus-scanning and a firewall.
    6. Ensure that multiple network connections are not simultaneously in use. Dual (split) tunneling is NOT permitted.
    7. Ensure that remote access connection security mechanisms currently employed and provided by ITSD are being used (e.g., SSL VPN, 802.1x network access control, endpoint security configuration compliance scanning).
    8. Protect the confidentiality of Personally Identifiable Information (PII) associated with USNA. PII for which I am authorized access may be viewed but not be stored on a personally owned endpoint device. I will report unauthorized disclosure to the USNA Information Systems Security Manager.