220 likes | 477 Views
Remote Access Policy. What is Remote Access???. The ability to access a computer or a network from a remote site.
E N D
What is Remote Access??? • The ability to access a computer or a network from a remote site. • Communication with a distant computer system or computer network. May require the user to type or enter an authorized username and password, and special software or hardware, such as a modem.
Examples of Remote Access • Go to My PC • Allows User to connect to any PC in his/her online account. • Tight VNC- A program similar to Go to My PC, but not readily accessible through a webpage.
Tight VNC- What is VNC? • VNC (an abbreviation for Virtual Network Computing) is a great client/server software package allowing remote network access to graphical desktops. With VNC, you can access your machine from everywhere provided that your machine is connected to the Internet. VNC is free (released under the GNU General Public License) and it's available on most platforms. Original VNC distribution can be obtained at this site.
Tight VNC is… • A program that runs a VNC server and allows you to connect through other computers Via VNC.
More Examples • FTP • The Internet • Wireless Network Access/Ethernet • Accessing Company Intranet from outside company.
Vulnerabilities/Security Risks • In class we have gone over the security risks of the internet- viruses, hackers, etc. • Running things like a Win VNC Server increase the risk of your computer getting hacked, especially if there is a listener and the password is easy to crack.
SANS Policy of Remote Access • The purpose of this policy is to define standards for connecting to a company’s network from any host. These standards are designed to minimize the potential exposure to the company from damages which may result from unauthorized use of resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical the company’s internal systems, etc.
The Rules to Follow • Basically, the rules follow the same standard for connect to pretty much any network, and basic computer care. • SANS asks that you also review the: Acceptable Encryption, Virtual Private Network (VPN), Wireless Communications, & Acceptable Use Policies
Some of them: • Secure remote access must be strictly controlled. Control will be enforced via one-time password authentication or public/private keys with strong pass-phrases • At no time should any employee provide their login or email password to anyone, not even family members.
… • Use the most up-to-date anti-virus software • Do not check non-corporate e-mail • Conduct no illegal activities