The Tufts Community Union (TCU) Senate earlier this semester unanimously passed a resolution calling for the university to expand its virtual private network (VPN) service, which would offer students the option to access a secure Internet connection.
The VPN secures user data exchanged with certain Tufts services, such as the research cluster or the personal drive (P: drive), according to TCU Senator Michael Vastola, a member of the Senate Services Committee
Currently, students who are using a wireless connection outside of Tufts and still want to access Tufts services are redirected through the VPN's secure virtual "tunnel," which protects their data while they use these services, according to Vastola, a senior. This change would offer students this protection at all times, TCU Senator Shawyoun Shaidani, chair of the TCU Senate Education Committee, said.
The university currently uses a system of "split tunneling," through which users have secure access to Tufts services through the VPN but their other online activities are not protected, Shaidani, a junior, said.
A "full tunnel" system would instead send all Internet activity over a secure connection, Vastola said. The VPN acts like a proxy service by providing an intermediary data route to websites for users that are not connected to the Tufts network, he added.
The TCU Senate resolution calls for Tufts University Information Technology (UIT) to offer this to students outside the Tufts network.
"We want to make it so that all your data goes through that secure tunnel, even if you're on Google," Vastola said.
Students may be subject to hacking while using off-campus wireless connections and would be safer using the VPN, according to Shaidani.
"We wanted to offer the option to [students] to surf the Internet through a secure connection and that's a relatively easy change to make," Shaidani said. "We can't change the nature of the connections that people have but what we can do is redirect them through this secure network."
It is safer for users to access websites through the VPN rather than establishing a direct connection with the website, Shaidani explained.
"With split-tunneling — the way it's configured now — when you're on an unsecured wireless network, then, if you access Facebook, you're directly connecting to Facebook. If you access your P: drive, then you're connecting to your P: drive through the VPN," Vastola said. "If they change the setting, then what will happen is that you'll connect to Facebook through the VPN."
The full tunnel configuration, which many companies and universities provide to their employees and students, will help solve the university's long-standing problem of web security, according to Vastola.
"This has always been an issue," he said. "Tufts offers this great service that's the VPN but it doesn't configure it in the optimal way that it should be."
UIT Director of Communications and Organizational Effectiveness Dawn Irish said she was glad students were considering the issue of Internet security.
"We're excited in general that the students are interested in security," Irish said. "This is something that we're always trying to publicize with the students and the fact that they came to us with a resolution is really exciting."
"When they come to us with an idea that will help them be more secure, we're always excited to hear it and if we can implement it, then we will," she added.
Irish noted, however, that UIT will have to weigh the benefits and challenges of implementing the program and plans to review the idea over the next few months.
She expects that UIT will have reached a final decision by the end of the calendar year.
"I think that in general we think it's a great idea, but any time we change our services we need to check the wider impact that the change will have on our services at Tufts before implementing it," Irish said.
--
Correction: This article has been modified from its original version. The earlier version contained errors in its technological terminology.
