By Joe Schembri
Last week, I explained why secure remote access is so vital. This week, let’s consider the checklist of must-haves for any remote access policy.
Remote Access Policy Security Checklist
- Antivirus software with real-time protection enabled – Make sure company-approved antivirus software is included on all remote access devices and set to update regularly.
- Required personal firewall – In addition to antivirus software, a personal firewall should be configured and enabled on all remote devices. If a threat is detected all communications should be blocked.
- Defined operating systems – Only allowed operating systems should be able to connect to the corporate network. If your company only uses and supports Windows computers, you should disallow *nix, Macs, etc.
- Time out periods – Should be defined and set to when there is no activity on the computer. If there is no activity for 30 minutes for example, enforce a policy so the connection terminates. Be careful to test and make sure a download or upload triggers activity
- Targeted access to systems while on VPN – Only allow access to necessary internal resources. If a department only accesses one application on your internal network only provide them with access to that application.
- Non-Disclosure Agreement – Vendors, third party companies, and even employees should sign an NDA in order to gain remote access. This will help protect any confidential information.
What’s on your secure, remote access checklist?
Joe Schembri has over 10 years of IT and IT security experience and currently works with Villanova University’s online program,s including the prep program.