I have reviewed your needs and circumstances and have designed a remote access control policy that will work for you and your company.
This is a multi-layered security system that consists of the user’s domain. The user is the first and the weakest link in any system. The security is only as strong as the user’s ability to understand what can go wrong. We can implement a training program session for security awareness. Another security measure is to implement a policy to stop employees from bringing in CD’S, DVD’S, and USB’S or other personal devices into the work place that can connect to the network and possibly harming the system. The work station domain is where users first access the system, applications, and the data. The system should be password coded for authentication purposes. Applications and data ought to be monitored and permissions set accordingly. Downloading should also be limited to only those people with the proper permissions. The LAN domain is a collection of computers all connected to a central switch configured to run all of the company’s data. The LAN would have all the standards, procedures, and guidelines of all the users. I would insure all information closets, demark locations and server rooms are locked and secured at all times. Only those with proper ID or authorization would be allowed to access these locations. The LAN to WAN domain contains both physical and logical designs of the security appliances. For this layer you want to apply security protocols on file transfers, scans, and unknown files. The WAN connects the system to remote locations, such as other PC’s on your system i.e. the other 7 locations on our network. URL filters implemented on the system may ensure limited access to the web sites that are undesirable for business use. “The Remote Access Domain connects users to the organization’s IT infrastructure. Remote access is critical for staff members who work in the field or from home.” It is
Cited: (n.d.). (n.d.). Institute, S. (2006). Sans Remote Access policy . Retrieved Oct 6th, 2013, from Sans . org Resources : http://www.sans.org/security-resources/policies/Remote_Access_Policy.pdf Soloman, D. K. (2012). Fundamentals of information Systems security. Jones and Barlett.