ISO Position Paper
Position Title: Restricted Data Access from Off Campus
Position Audience: Princeton IT Professionals
Contact: Information Security Office: [email protected]
Position Release Date: August 11, 2017
Problem Statement
The Information Security Policy1 requires the protection of University information that is
classified as Restricted or Confidential. Exposing systems that contain Restricted or Confidential
data directly to the internet significantly increases the threat to sensitive University information.
ISO Position
All University systems that store or process Restricted or Confidential data should not utilize
publicly routable internet addresses (where possible) and must require the use of SRA/VPN to
access those systems.
Data Classification: Public