Office of the Chief Technology Officer

DC Agency Top Menu

-A +A
Bookmark and Share

Virtual Private Network (VPN) Policy

Friday, October 27, 2017

Employees of the District of Columbia periodically require remote access to information systems maintained and operated by the District.  CWITS manages the Virtual Private Network (VPN) infrastructure for the District as well as creating and maintaining user accounts. Access to the District’s VPN is limited to specific business purposes in support of a District Agencies mission.
Users requesting access to the District’s VPN must submit a request form documenting the need for remote access and including appropriate justification and agency management approval. This request must be formally submitted to the CWITS office. CWITS will then review the request to determine if remote access will be granted.
The remote user must have the capability to connect to the internet and then use VPN software provided by the District government.  Remote access will be restricted to the resources specified in submitted requests.
Each remote session will be monitored, and the date, time, duration, and user-ID will be audited. In order to ensure equitable use of resources, session lengths will time out if the connection remains inactive for a predetermined amount of time, such as five minutes.