Background
Public VPNs and other anonymizing services represent elevated risk login locations. While anonymizing services (including VPNs, proxies, etc) can be used for legitimate purposes, they are also used by those seeking account compromise to bypass geographic or reputation restrictions. Many VPN services, including many free VPN services, are associated with data mining and other malicious activities.
LETU’s Policy handbook provides the following guidance on anonymizing technology under section 6.1
“Due to abuse of anonymizing services by phishing and other malware agents, access to LETU resources should not be made from services that mask source IP addresses or otherwise provide anonymous access to internet resources (e.g. anonymizing VPN agents or similar). Such connection attempts may be restricted.”
What does LETU currently do with Anonymous Connections?
- Many anonymizing services have long been restricted on LETU’s local campus.
- Microsoft O365/Azure may take additional login precautions on global traffic including restricting anonymous connections or connections from risky locations.
- LETU Single Sign On (SSO) systems may not block all anonymous connections services, so experiences may vary when using these services.
- If you use a VPN for personal reasons outside an LETU campus, you may need to use a VPN solution which allows you to exempt LETU services from your anonymized VPN tunnel.
What services does this impact?
This affects most LETU Single Sign On (SSO) services including Canvas, O365, Email and other services which use the LETU SSO portal.