Michigan Medicine VPN Project

Michigan Medicine is working to improve network security and provide new ways for personal devices to securely connect to Michigan Medicine resources.

Current Project Status

The project team is currently engaging researchers, clinicians, staff, and learners to understand how they use the med VPN today on personal devices so we can design alternative, secure options for the future. To date, we have gathered 600+ survey responses from our stakeholders and are working to analyze that data, as well as conducting a pilot of Windows Virtual Desktop.

Background

Given significant data breaches in 2019, Michigan Medicine must take steps to secure its virtual private network (VPN). The med VPN is an encrypted connection which allows access to Michigan Medicine internal resources like network drives (H,S, T drives) and internal websites. 

To secure the network, Information Assurance is looking into the impacts of limiting the med VPN to Core Windows and Mac computers, while enabling alternative options for personal and MiWorkspace computers to connect to internal resources. 

A project goal is to minimize disruption to remote work. Already, essential resources like email and MiChart are available without using the med VPN. Michigan Medicine Core computers will also continue to maintain VPN access. Before making changes to VPN access for personal devices, we will communicate broadly about the changes and alternative network access options. At this time, there is no date set for when changes will take place.

FAQ

What is the med VPN?

The Michigan Medicine virtual private network (med VPN) is the most commonly used secure connection to reach internal Michigan Medicine resources, accessed through the Cisco AnyConnect app.

When do I need to use a VPN?

The VPN project will impact the med VPN only.  

Is the med VPN different from the campus VPN?

Yes. The campus VPN is a separate network, also accessed through the Cisco AnyConnect app, and often used to access ARC-TS resources or library journals and resources. Access to the campus VPN will not change.

How do I know which VPN network I’m using?

The campus VPN is titled UMVPN - Only U-M Traffic or UMVPN - All Traffic

The med VPN is titled vpn.med.umich.edu or UMHS SSL VPN

How do I access email without VPN?

Email can be accessed from any device or browser through Outlook on the web (OWA) at email.med.umich.edu. OWA offers similar features to the Outlook client, including access to your calendar and contacts.   

If VPN access changes, will I be unable to access Michigan Medicine resources from my personal device?

HITS is working to identify alternative options for secure network access, and will be communicating any changes broadly in the future. Right now there is no date set for changes to take place.

 

Will I still have access to email and apps on my smartphone and tablet?

Yes, If you have Intelligent Hub on your phone or tablet and have email set up, you will have continued access. 

Similarly, mobile apps like Haiku/Canto will also continue to be available - VPN access is not necessary. (Note: For initial registration of Haiku/Canto, users must be connected to 8021x on Michigan Medicine premises.

What will the alternative to VPN be?

HITS plans to expand access to Windows Virtual Desktop (WVD) as the alternative to VPN. WVD is like signing in to a Michigan Medicine Core computer remotely. You’ll see typical apps on a familiar Windows desktop interface, including the Outlook email client, Microsoft Office, MiChart, Google Chrome, network drives (H,S,T drives), and Adobe Acrobat DC. It can be accessed from any computer or browser using your level-2 credentials.

Will Michigan Medicine Core computers lose VPN access?

No, Michigan Medicine-owned Core Windows and Mac computers will continue to maintain access to VPN.