Sunday, May 13, 2012

Basic checklist for Remove Access Security

The Remote Access Security Checklist

The checklist of must-haves for any remote access policy.

Remote Access Policy Security Checklist

Antivirus software with real-time protection enabled - Make sure company-approved antivirus software is included on all remote access devices and set to update regularly.

Required personal firewall - In addition to antivirus software, a personal firewall should be configured and enabled on all remote devices. If a threat is detected all communications should be blocked.

Defined operating systems - Only allowed operating systems should be able to connect to the corporate network. If your company only uses and supports Windows computers, you should disallow *nix, Macs, etc.

Time out periods – Should be defined and set to when there is no activity on the computer. If there is no activity for 30 minutes for example, enforce a policy so the connection terminates. Be careful to test and make sure a download or upload triggers activity.

Targeted access to systems while on VPN - Only allow access to necessary internal resources. If a department only accesses one application on your internal network only provide them with access to that application.

Non-Disclosure Agreement - Vendors, third party companies, and even employees should sign an NDA in order to gain remote access. This will help protect any confidential information.

No comments: