Data theft and data exposure attacks continue to pose serious challenges for organizations, such as Virginia Tech, that need personal data to conduct business. Sophisticated cyber-criminals have developed techniques and tools to steal organizational data and evade traditional computer defenses. Because of their historically open environments and their control of large amounts of personal data, universities are prime targets for these attacks.
To help protect personally identifying information (PII), the Information Technology Security Office (ITSO) and Network Infrastructure & Services (NI&S) have collaborated to create the Restricted/Limited Access Network, or RLAN, which provides additional layers of protection for network and computing environments for employees who work with PII. The RLAN works by segmenting a portion of the university’s network and implementing more stringent traffic monitoring and filtering within that segment.
If you work in a department that handles PII, contact the IT Security Office or NI&S to find out more about the RLAN. Requests for participation will be evaluated and approved by the IT Security Office while NI&S administers and manages the RLAN's network components.
Finally, the RLAN is not a 100% guaranteed solution that will prevent data exposures. Rather, it is only one additional measure in an overarching effort to prevent exposure of Virginia Tech-defined PII. It is still the department's responsibility to implement and integrate standard IT security practices in compliance with Virginia Tech Policy 7010.
 Virginia Tech has defined PII as a small set of personal data; namely, Social Security numbers, credit and debit card numbers, bank account numbers, passport numbers, and driver’s license numbers.