remote access control policy

Better Essays
Dear Richman Investments,
I have reviewed your needs and circumstances and have designed a remote access control policy that will work for you and your company.
This is a multi-layered security system that consists of the user’s domain. The user is the first and the weakest link in any system. The security is only as strong as the user’s ability to understand what can go wrong. We can implement a training program session for security awareness. Another security measure is to implement a policy to stop employees from bringing in CD’S, DVD’S, and USB’S or other personal devices into the work place that can connect to the network and possibly harming the system. The work station domain is where users first access the system, applications, and the data. The system should be password coded for authentication purposes. Applications and data ought to be monitored and permissions set accordingly. Downloading should also be limited to only those people with the proper permissions. The LAN domain is a collection of computers all connected to a central switch configured to run all of the company’s data. The LAN would have all the standards, procedures, and guidelines of all the users. I would insure all information closets, demark locations and server rooms are locked and secured at all times. Only those with proper ID or authorization would be allowed to access these locations. The LAN to WAN domain contains both physical and logical designs of the security appliances. For this layer you want to apply security protocols on file transfers, scans, and unknown files. The WAN connects the system to remote locations, such as other PC’s on your system i.e. the other 7 locations on our network. URL filters implemented on the system may ensure limited access to the web sites that are undesirable for business use. “The Remote Access Domain connects users to the organization’s IT infrastructure. Remote access is critical for staff members who work in the field or from home.” It is



Cited: (n.d.). (n.d.). Institute, S. (2006). Sans Remote Access policy . Retrieved Oct 6th, 2013, from Sans . org Resources : http://www.sans.org/security-resources/policies/Remote_Access_Policy.pdf Soloman, D. K. (2012). Fundamentals of information Systems security. Jones and Barlett.

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Chris Stewart 4/6/2014 NT2580 Mon AM Policy General 1. It is the responsibility of Richman Investments employees, third party contractors, vendors and agents with remote access privileges to Richman Investments' networks to ensure that their remote access connection is given the same consideration as the user's on-site connection to the company. 2. General access to the Internet for recreational use by employees is discouraged through the Richman Investments Network. Employees of Richman…

    • 254 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    remote access policy

    • 464 Words
    • 2 Pages

    Remote access policy Purpose The purpose of this policy will provide the standards for connecting to any DoD networks from any host. These standards are created and designed to minimize any potential exposure to DoD network (s) from damage which may result from unauthorized user or access of DoD networks. Damages include loss of confidential or sensitive data, intellectual data, and damage to critical DoD internal systems. Scope This policy will apply to all DoD employees, contractors, vendors…

    • 464 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Remote Access Control Policy for Richman Investments Authorization- Richman Investments must define rules as to who has access to which computer and network resources. My suggestion is that RI implements either a group membership policy or an authority-level policy to achieve this. Group policy would allow the administrator to assign different privileges to different groups. The admin would then assign different individual users to those different groups. So the users permissions would depend…

    • 302 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Access Control Policy

    • 703 Words
    • 3 Pages

    Material Appendix F Access Control Policy Student Name: University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Date: December 9, 2012 Access Control Policy Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems 1 Authentication Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include…

    • 703 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    Access Control Policy

    • 833 Words
    • 3 Pages

    Associate Level Material Appendix F Access Control Policy Student Name: Casey DeCesare University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Scott Sabo Date: 5/27/2014 1. Access Control Policy Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems 1.1. Authentication Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include…

    • 833 Words
    • 3 Pages
    Powerful Essays
  • Powerful Essays

    Remote Access

    • 1553 Words
    • 7 Pages

    Remote Access Remote access • refers to the ability to access a computer, such as a home computer or an office network computer, from a remote location. • Remote access can be set up using a local area network (LAN), wide area network (WAN) or even a virtual private network (VPN) so that resources and systems can be accessed remotely. • To establish a remote connection, both the local machine and the remote computer/server must have remote-access software. Alternatively, there are service providers…

    • 1553 Words
    • 7 Pages
    Powerful Essays
  • Good Essays

    Remote Access

    • 496 Words
    • 2 Pages

    correspondence. I have been tasked by the IT security team to draft a Remote Access Standard to be implemented within the current security infrastructure. Knowing the types of things that could come about from insecure resources I’d like to offer a solution to issues that may come about from using process like VPN and remote access for people that telework into the office from home. Having multiple levels of access controls will help keep this a minimum risk. The integrity of the company is…

    • 496 Words
    • 2 Pages
    Good Essays
  • Good Essays

    Remote Access Policy 1. Overview See Purpose. 2. Purpose The purpose of this policy is to define standards for connecting to Corona District High School's network from any host. These standards are designed to minimize the potential exposure to Corona District High School from damages which may result from unauthorized use of Corona District High School resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical…

    • 848 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    Remote Access Control Policy: Richman Corporation Authorization Rules: Controls will be configured to ensure access is approved for only company/corporate employees. These controls will be set up based off of the position (job roles) of the employees to ensure they can only access what is required to allow them to perform their duties. The policy will include group membership policies as well as authority-level policies. The employee access will be assigned to the appropriate groups and authority-…

    • 328 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    2.7 Remote Access Policy 2.7.1 It is the responsibility of all Meditech employees, contractors and vendors with remote access privileges to Meditech ‘s corporate network to ensure that their remote access connection is given the same consideration as the user's on-site connection to Meditech. 2.7.2 Secure remote access must be strictly controlled. Control will be enforced by two factor authentication. 2.7.3 Vendor accounts with access to the company network will only be enabled during the time period…

    • 827 Words
    • 4 Pages
    Good Essays