The Remote Access Security Checklist

Posted: May 8, 2012 in Uncategorized

By Joe Schembri

Last week, I explained why secure remote access is so vital. This week, let’s consider the checklist of must-haves for any remote access policy.

Remote Access Policy Security Checklist

  • Antivirus software with real-time protection enabled – Make sure company-approved antivirus software is included on all remote access devices and set to update regularly.
  • Required personal firewall – In addition to antivirus software, a personal firewall should be configured and enabled on all remote devices. If a threat is detected all communications should be blocked.
  • Defined operating systems – Only allowed operating systems should be able to connect to the corporate network. If your company only uses and supports Windows computers, you should disallow *nix, Macs, etc.
  • Time out periods – Should be defined and set to when there is no activity on the computer. If there is no activity for 30 minutes for example, enforce a policy so the connection terminates. Be careful to test and make sure a download or upload triggers activity
  • Targeted access to systems while on VPN – Only allow access to necessary internal resources. If a department only accesses one application on your internal network only provide them with access to that application.
  • Non-Disclosure Agreement – Vendors, third party companies, and even employees should sign an NDA in order to gain remote access. This will help protect any confidential information.
What’s on your secure, remote access checklist?

Joe Schembri has over 10 years of IT and IT security experience and currently works with Villanova University’s online IT security training program,s including the CISSP certification prep program. 

 

 

Comments
  1. […] recently wrote about what should be included on a  remote access security checklist. A reader, very aptly, asked why identification and authentication were not on the list. I’d like […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s