The accelerated adoption of Working from Home practices in 2020 has seen numerous IT teams and service providers rise fantastically to the challenge of making systems and data more available to higher numbers of remote users. For many organisations the Remote Access Policy is now an increasingly important element of their overall security posture.
To cater for today’s rapidly changing environment the content of a Remote Access Policy (sometimes called a Remote Access Control Policy) requires far more consideration than it ever used to. Many organisations will have originally developed this policy around traditional computing and connectivity arrangements that entailed connecting a “remote user” using a desktop or laptop to internal infrastructure via a VPN.
In more recent years enabling remote access to systems and data has been made easier, yet there are vastly more options and aspects to take into consideration if one is to draft a good Remote Access Policy, and get the associated processes and procedures right.
For example, many people use a mobile device to access company data that is predominantly located in the Cloud, whilst others are accessing company data that spans multiple different computing environments.
What are some of the elements of a Remote Access Policy you should consider documenting to cater for a changing environment?
- Access Rights and Privileges
- Anti-Virus and Firewall Protection
- Information Management
- Connection Requirements
- Audit Trails and System Logs
- Equipment Use
It is also key to ensure that users are aware of the related policies that need to be reviewed and signed in advance of providing remote access, for example:
- Acceptable Use Policy
- Password and Authentication Policy
- Communication and Mobile Device Policy
Read how we have assisted Inner West Council in Sydney to develop and deliver policies to meet their business requirements.
Version 20 Introduces New Content and Enhancements
We are pleased to announce the availability of Version 20 of the IT Policy System from October 1st.
- Updated interface and main menu options
- Policy merge option – if you wish to merge two or more policies into one single policy this is now possible
- Animated overlay – this highlighter function makes it easier to see content and information on screen
- Security awareness videos – 3 videos covering key security topics
- Who Do You Think You Are? – Access Control, Passwords and Authentication
- Attention Please! – Social Engineering, Phishing, Vishing and Smishing
- Security in Motion – Smart Devices and Remote Access
- Updated material in the Guidelines, Forms & Other Documents section
- Updated Incident Response Plan document in the Procedures and Processes section
View our video about the key aspects of the Policy Management as a Service offering.
For a further discussion, please contact Emma Tickner.