ISG No 104 - Staff Remote Access

Anglia Ruskin University Information Security Policy 104 – Staff
Remote Access
A member of staff seeking access from a remote workstation or laptop via a virtual
private network (VPN) connection to University applications on which corporate data is
stored must be subject to all security checks applied to other internal users. This policy
is not intended to cover the use of web-based connections (such as Outlook Web
Access (OWA) and the like).
Only remote access methods provided by ISMS should be used to access University
facilities.
It is acceptable to connect a University issued laptop to a third party network (such as in
a home broadband, hotel, airport, or hotspot) in order to access the University network
remotely.
Where staff members are supplied with a workstation or laptop computer for off-site use
by the University, it is their personal responsibility to take due care and consideration
to ensure that it is kept secure.
Users of wireless mobile e-mail devices such as PDAs must only use University-provided
equipment and services if they wish to have support or any level of service
agreement, and must comply with all University requirements in their use. Otherwise,
responsibility for such services rests personally with the owner. If a wireless e-mail device is lost or
stolen, the user must immediately notify ISMS so the device can be deactivated and the
user’s mail file protected. Additionally, users should not attempt to change the security
settings that are in place on the device. PDAs that will be used to store, transmit,
process, or access University systems, files, data, and/or e-mail systems should have
security controls in place designed to prevent compromise of the information. These
controls must include a power-on password and virus protection software.
Security mechanisms designed to protect remote work stations and laptops, as well as
the data contained on them, should be used where possible. These security
mechanisms may include (but are not limited to):

- disk and/or file encryption
- personal firewall software (such as Windows or Apple Mac)
- virus protection software (such as AVG; McAfee; Sophos; Norton)
- operating system passwords
- password protected screen savers
- physical security controls
- locking cables (which can be obtained as part of the initial purchase)

It is permissible for personnel (contractors, employees or vendors) to connect their own
work stations, laptops, or other computer equipment to the University network, and a
visitor access mechanism has been implemented to facilitate this. However, as use of
the University network and services should only be for work purposes, the appropriate
approach for University employees should be the supply of a University-purchased work
station for the purpose. This practice applies both to in-office connections as well as
remote connections.
ARU - Version 0.3 - March 2009
In the event that connection of a non-University device to the private network is
unavoidable, the following restrictions apply:

- Appropriate investigation and testing should be undertaken prior to connection to
  ensure that the machine’s hardware and software will not be detrimental to the
  performance of the University’s network. This can be facilitated by ISMS.
- Anti-virus software, configured appropriately and regularly updated, should be
  installed on the machine (such as AVG; McAfee; Sophos; Norton).
- The machine must be running a supported operating system and be confirmed to
  be patched (with relevant security and functionality patches) to the current level
  of University workstations (i.e. Windows XP to SP3; Mac OS10).
- For contract staff, contract terms must include a provision for cessation of use
  and de-installation of any University software - whether in-house or purchased -
  when the contract is terminated.
- Arrangements should be made to ensure that the University’s software - whether
  in-house or purchased - is de-installed when the requirement for the connection
  ceases, or beforehand, if employment or contract term ceases. (Responsibility
  for this action rests with the person who, or business unit which, made the
  arrangements.)
- A software based personal firewall such as Windows or Mac Firewall must be
  installed and active on the system to be connected to the University network.

Users are discouraged from using their own personally owned work stations to
undertake University-related work as those systems are not generally configured with
the same degree of protection mechanisms as a University system. When doing this,
the data, and in some cases applications, are transferred to the non-University work
stations via a variety of routes such as:

- diskettes
- CD, DVDs
- tapes and cartridges
- via e-mail attachments
- via USB memory devices

Appropriate steps must be taken, in advance (including encryption where appropriate),
to ensure that any potential risks to the University’s information and interests are
identified and effectively addressed.