By Joe Schembri
Last week, I explained why secure remote access is so vital. This week, let’s consider the checklist of must-haves for any remote access policy.
- Antivirus software with real-time protection enabled – Make sure company-approved antivirus software is included on all remote access devices and set to update regularly.
- Required personal firewall – In addition to antivirus software, a personal firewall should be configured and enabled on all remote devices. If a threat is detected all communications should be blocked.
- Defined operating systems – Only allowed operating systems should be able to connect to the corporate network. If your company only uses and supports Windows computers, you should disallow *nix, Macs, etc.
- Time out periods – Should be defined and set to when there is no activity on the computer. If there is no activity for 30 minutes for example, enforce a policy so the connection terminates. Be careful to test and make sure a download or upload triggers activity
- Targeted access to systems while on VPN – Only allow access to necessary internal resources. If a department only accesses one application on your internal network only provide them with access to that application.
- Non-Disclosure Agreement – Vendors, third party companies, and even employees should sign an NDA in order to gain remote access. This will help protect any confidential information.
What’s on your secure, remote access checklist?