2.7 Remote Access Policy Case Study

Good Essays
2.7 Remote Access Policy
2.7.1 It is the responsibility of all Meditech employees, contractors and vendors with remote access privileges to Meditech ‘s corporate network to ensure that their remote access connection is given the same consideration as the user's on-site connection to Meditech.
2.7.2 Secure remote access must be strictly controlled. Control will be enforced by two factor authentication.
2.7.3 Vendor accounts with access to the company network will only be enabled during the time period it is required and will be removed or disabled once it is no longer required.
2.7.4 Remote access connection will be setup to be disconnected automatically after 30 minutes of inactivity
2.7.5 All hosts that are connected to Meditech internal networks
…show more content…
To ensure that security risks are identified and controlled, such access, whether on site or remote, must be managed in accordance with the “Method Statement - Managing third party access”.
2.8.4 Third parties might occasionally require physical access to areas where Meditech IT equipment is located such as data centres and wiring centres. Such access must be agreed in advance with the relevant Meditech manager and is subject to formal risk assessment. Access controls must be used and logs maintained.
2.8.5 For any third party access, Meditech and third party must agree in advance a code of practice and non-disclosure agreement to protect University information and working practices.
2.8.6 Third party access arrangements will be reviewed on an annual basis to ensure information security risks are being managed effectively and validate that access is still
…show more content…
The making and taking of personal calls is allowable provided users keep these to a minimum.
2.9.2 Users must respect the privacy of others at all times and not attempt to access calls where the user is not the intended recipient or log into voice mail accounts that the user is not expressly authorised to access.
2.9.3 Meditech mobile phones devices are to be used for work-related purposes. A taxable benefit will not be treated as arising where any private use is incidental.
2.9.4 Mobile phone devices are assigned to a position or function and not to individual; however the post holders name is supplied to the mobile phone device supplier.
2.9.5 The mobile phone device may only be used by an assigned Meditech employee and must not be used by any other Meditech employees or third parties without the prior authorisation of the local mobile phone device administrator.
2.9.6 Users must ensure that they use Meditech mobile phone devices at all times in a manner which is lawful, ethical and efficient. Meditech may withdraw a mobile phone device from any employee who it believes is not complying with this policy or who misuses a mobile phone device in any

You May Also Find These Documents Helpful

  • Good Essays

    remote access policy

    • 464 Words
    • 2 Pages

    Remote access policy Purpose The purpose of this policy will provide the standards for connecting to any DoD networks from any host. These standards are created and designed to minimize any potential exposure to DoD network (s) from damage which may result from unauthorized user or access of DoD networks. Damages include loss of confidential or sensitive data, intellectual data, and damage to critical DoD internal systems. Scope This policy will apply to all DoD employees, contractors, vendors…

    • 464 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Chris Stewart 4/6/2014 NT2580 Mon AM Policy General 1. It is the responsibility of Richman Investments employees, third party contractors, vendors and agents with remote access privileges to Richman Investments' networks to ensure that their remote access connection is given the same consideration as the user's on-site connection to the company. 2. General access to the Internet for recreational use by employees is discouraged through the Richman Investments Network. Employees of Richman…

    • 254 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    your needs and circumstances and have designed a remote access control policy that will work for you and your company. This is a multi-layered security system that consists of the user’s domain. The user is the first and the weakest link in any system. The security is only as strong as the user’s ability to understand what can go wrong. We can implement a training program session for security awareness. Another security measure is to implement a policy to stop employees from bringing in CD’S, DVD’S…

    • 775 Words
    • 4 Pages
    Better Essays
  • Powerful Essays

    Remote Access

    • 1553 Words
    • 7 Pages

    Remote Access Remote access • refers to the ability to access a computer, such as a home computer or an office network computer, from a remote location. • Remote access can be set up using a local area network (LAN), wide area network (WAN) or even a virtual private network (VPN) so that resources and systems can be accessed remotely. • To establish a remote connection, both the local machine and the remote computer/server must have remote-access software. Alternatively, there are service providers…

    • 1553 Words
    • 7 Pages
    Powerful Essays
  • Good Essays

    Remote Access

    • 496 Words
    • 2 Pages

    this correspondence. I have been tasked by the IT security team to draft a Remote Access Standard to be implemented within the current security infrastructure. Knowing the types of things that could come about from insecure resources I’d like to offer a solution to issues that may come about from using process like VPN and remote access for people that telework into the office from home. Having multiple levels of access controls will help keep this a minimum risk. The integrity of the company…

    • 496 Words
    • 2 Pages
    Good Essays
  • Good Essays

    Remote Access Policy 1. Overview See Purpose. 2. Purpose The purpose of this policy is to define standards for connecting to Corona District High School's network from any host. These standards are designed to minimize the potential exposure to Corona District High School from damages which may result from unauthorized use of Corona District High School resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical…

    • 848 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    remote access it255

    • 345 Words
    • 2 Pages

    Write a remote access security policy covering the most important security risk. 1) Wireless Access When the network is accessed remotely via wireless appropriate wireless security standards will be used. • Wired Equivalency Protocol (WEP) will be used as standard on Wi-Fi connections. • A WEP encryption key will be used. • The network will be configured not to advertise its presence. • The power of access points will be turned down to a minimum that still allows the access point…

    • 345 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Remote Access Control Policy for Richman Investments Authorization- Richman Investments must define rules as to who has access to which computer and network resources. My suggestion is that RI implements either a group membership policy or an authority-level policy to achieve this. Group policy would allow the administrator to assign different privileges to different groups. The admin would then assign different individual users to those different groups. So the users permissions would depend…

    • 302 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Remote Access Control Policy: Richman Corporation Authorization Rules: Controls will be configured to ensure access is approved for only company/corporate employees. These controls will be set up based off of the position (job roles) of the employees to ensure they can only access what is required to allow them to perform their duties. The policy will include group membership policies as well as authority-level policies. The employee access will be assigned to the appropriate groups and authority-…

    • 328 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Remote Access Standards for Richman Investments Remote Access Standards for Richman Investments Purpose: This document is designed to provide definition of the standards for connecting remotely to Richman Investments’ network outside of the company’s direct network connection. The standards defined here are designed to mitigate exposure to potential damage to Richman Investments’ network, resulting from the use of unauthorized use of network resources. Scope: All Richman Investments agents, vendors…

    • 1109 Words
    • 4 Pages
    Better Essays