Tufts University Information Technology (UIT) expanded its virtual private network (VPN) on Jan. 8 in response to a Tufts Community Union (TCU) Senate resolution from earlier this academic year.
The resolution had asked UIT to implement a "fully tunneled" configuration that would allow students, staff and faculty to use a secure connection when accessing the Internet, even from off-campus locations.
With the new changes, the VPN allows users with a Universal Tufts Login Name (UTLN) and password to access the Tufts network through an encrypted channel from any location. Before the resolution, students could only access the VPN while on campus, UIT Director of Information Security Chuck Young told the Daily in an email.
"We think it makes sense to improve security where we can, especially where there is no cost or inconvenience for students," Young said. "We've heard that additional security without inconvenience is a pretty good thing. And those who are not aware of the change benefit without knowing it."
To access the VPN while off campus, faculty, students and staff must log in at vpn.tufts.edu using a Tufts UTLN and password, Dawn Irish, UIT Director of Communications and Organizational Effectiveness, told the Daily in an email. Internet activity will function securely through the VPN until the person logs out of the website.
"Since nobody knows what is happening in untrusted locations, this provides reassurance that regular traffic is better protected, and that sensitive exchanges are double secure," Young said. "This makes local wireless snooping in an off-campus location much more difficult, and safer for everyone."
Prior to the new changes, Tufts used a "split-tunneled" configuration where the VPN only protected Internet-based Tufts services but not other online activities, TCU Senator Michael Vastola, a member of the Senate Services Committee, said.
"It's a common-sense change to shore up information security for students who are accessing the Internet from unsecured, off-campus wireless connections," Vastola, a senior, said. "Over a secure channel [like the new VPN], no one can see what I'm doing and no one can interfere with the communication that's happening without being detected."
The VPN has the greatest impact on members of the Tufts community who want to access a secure connection while they are not at school, Young said.
"Anyone can use the VPN while on campus to further secure connections that are already encrypted, for things like Gmail, online banking or SIS, or to encrypt regular traffic such as Yahoo Mail or Facebook," Young said. "However, we believe the real benefit is for students off-campus and around the world who use wireless connections in unknown surroundings and situations."
Access to the VPN is more complex than simply connecting a computer to the Tufts internet connection, according to Vastola.
"It creates a connection, a secure channel of data, between your computer and the Tufts VPN server," Vastola said. "Through that secure channel, they emulate a situation of Internet security in which you are directly connected to the Tufts network despite not being on campus."
UIT had initially planned to implement the new aspects of the VPN that the Senate proposed over a longer time period, Young said. After the resolution was passed, UIT simply accelerated their pre-existing schedule.
"It was a very quick turn-around," Vastola said. "It was great, and they were extremely nice about it. I have no complaints."
To increase the number of students who access and understand how to use the VPN in the future, Vastola said he plans to advertise the new configuration on TuftsLife, of which he is the CEO Emeritus.
Although it is unclear how many people in the Tufts community have used the VPN, Irish hopes that UIT's updates will encourage those who have not accessed it in the past to utilize its benefits.
"If students choose to use it in the future, their data ‘in motion' will be more securely transmitted wherever they are," Irish said. "By reconfiguring it, we are now better able to protect the personal data of our community members who use the VPN."
