Dear David,

 

Dumb question: would you have a list of community computing reps please?

 

I have been using Zscaler mostly successfully. There are some mysterious circumstances  when it does not work. In particular, I cannot access a certain Microsoft app for lab attendance.

 

I am also wary of putting Zscaler on my personal computer at home as I am not confident that it will not monitor personal traffic (e.g. my online banking? Confidential emails?)   It is a process enabled at login but cannot be prevented from doing so from the system settings (on MacOS).

 

A MFA-enabled VPN might be more predictable.

 

Regards

Derek

 

 

From: David Colling <d.colling@imperial.ac.uk>
Date: Tuesday, 29 October 2024 at 16:55
To: ph-staff-dl <ph-staff-dl@imperial.ac.uk>, physics-departmental-computing <physics-departmental-computing@imperial.ac.uk>
Subject: Cyber security and (loss of) VPN access

Dear All,

As you may well be aware, the College is tightening up on all aspects of
our cyber security. One, very significant, aspect of this is the use of
the current legacy VPNs (of which we have several). For some time ICT
has been working to replace the use of VPNs with Zscaler to access
university resources when not connected to the Imperial network. This is
because VPNs pose a significant security risk to the College as they
bypass Multi-Factor Authentication (MFA). For this reason, the College,
will turn off the legacy VPNs as soon as is practical - no time scale
has been set for this yet but the expectation is that it will be around
the end of the year. It is possible that Zscalar will not satisfy
everybody's needs, in which case a new VPN with MFA will be introduced
to replace the legacy VPNs. ICT is currently surveying the College's VPN
users to see if they have needs that are not satisfied by Zscalar and if
so what those needs are. It is only in this way that ICT can ensure that
any VPN solution that they bring in, alongside Zscalar, will satisfy
everybody. This is being carried out systematically, with non-faculty
people and FoM having been surveyed so far. It is now the turn of FoNS.
VPN users who do not respond to the survey will loose access to the VPNs.

Physics has more than 240 people who are currently active users of one
of the legacy VPNs. These are people who have used a VPN recently. These
people will be contacted directly by ICT, however there may be many more
who only use one of the VPNs occasionally, but nevertheless rely on it
when they do use it. If you are one of these people, and you think that
Zscalar will not work for you, please contact one of your community
representatives on the Departmental Computing Committee. If you do not
fill in the appropriate form you will loose access.

Best,
david