Remote Access Control Policy for Richmond Investments

Topics: Access control, Authentication, Password Pages: 1 (302 words) Published: November 1, 2013
Remote Access Control Policy for Richman Investments

Authorization- Richman Investments must define rules as to who has access to which computer and network resources. My suggestion is that RI implements either a group membership policy or an authority-level policy to achieve this. Group policy would allow the administrator to assign different privileges to different groups. The admin would then assign different individual users to those different groups. So the users permissions would depend on the permissions of the group they were a member of. With authority-level policy the admin would assign different permissions to individual users based on their position and authority level within the company and what access that position requires.

Identification- Richman Investments needs to assign a unique identifier to each user in order to have accurate records of who is accessing, or trying to access, what applications, which network resource, and what data. The most common ID is the username, account number, or PIN

Authentication- In order to keep the remote access to Richman Investments secure, there must be proof that the person trying to gain access to the network remotely is the same person who has been granted access by identification. To do this RI can choose one of the following knowledge type authentications: PIN, password, or passphrase along with one of the following ownership type of authentication: smart card, key, badge, or token. Using a combination of ownership authentication and knowledge authentication proves to offer better security.

Accountability- Richman Investments must hold users responsible for what they do on the system. Log files can be used to detect, prevent, or monitor access to the system. Due to all the different privacy laws, RI must also secure its data. This will involve how data is retained i.e storage, how media is disposed of, and following compliance requirements.
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • remote access control policy Essay
  • Access Control Policy Essay
  • Unit 3 Assignment 2 Remote Access Control Policy Essay
  • Remote Access Standards for Richman Investments Essay
  • Essay about Access Control Policy
  • Remote Access Control Policies Essay
  • It 244 Access Control Policy Appendix F Essay
  • Access Control Policy Essay

Become a StudyMode Member

Sign Up - It's Free