Rethink Remote Access Policy: Javed Ikbal’s Advice

Posted: October 26, 2009 in Rethink Remote Access

The next IT expert in our how to rethink remote access series is Javed Ikbal. Javed is the Chief Security Officer at zSquad, an Information Security consulting company in the Boston area. His specialty is building or re-engineering information security programs. Javed has taken some time to share his thoughts on remote access policy.

– Define who may get remote access and the documentation/authorization for getting that privilege
– Document and define the add/change/delete process
– Define if the VPN can be installed on personally owned HW or not
– Prohibit split tunneling
– Enforce endpoint security (patches, AV, local firewall)
– Activity they can do while connected to the VPN

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s