Last modified: marzo 14, 2025
Policy No. 4204 Remote Access Procedure
Propósito
The purpose of this procedure is to define standards for connecting to PCSD’s network from any host. These standards are designed to minimize the potential exposure to PCSD from damages, which may result from unauthorized use of PCSD resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical PCSD internal systems, etc.
Alcance
This procedure applies to all PCSD employees, contractors, vendors, and agents with a PCSD-owned or personally owned computer or workstation used to connect to the PCSD network.
This procedure applies to remote access connections used to do work on behalf of PCSD, including reading or sending email, accessing PCSD servers, and viewing intranet web resources. Remote access implementations covered by this procedure include, but are not limited to, DSL, VPN, and SSH.
Procedimiento
It is the responsibility of PCSD employees, contractors, vendors, and agents with remote access privileges to PCSD’s network to ensure that their remote access connection is given the same consideration as the user’s on-site connection to PCSD.
Please review the following procedures to ensure the protection of information when accessing the PCSD network via remote access methods, and acceptable use of PCSD’s network:
Requisitos
- Secure remote access must be strictly controlled. Control will be enforced via one-time password authentication or public/private keys with strong pass-phrases. For information on creating a strong pass-phrase, see the Password Procedures.
- At no time should any PCSD employee provide his or her login or email password to anyone, not even family members.
- PCSD employees with remote access privileges must ensure that their PCSD-owned or personal computer or workstation, which is remotely connected to PCSD’s network, is not connected to any other network at the same time, with the exception of personal networks that are under the complete control of the user.
- The InfoSec Team must approve non-standard hardware configurations. Security configurations for access to hardware must also be approved.
- All hosts that are connected to PCSD internal networks via remote access technologies must use the most up-to-date anti-virus software, including personal computers.
- Personal equipment used to connect to PCSD’s networks must meet the requirements of PCSD-owned equipment for remote access.
- Organizations or individuals who wish to implement non-standard Remote Access solutions to the PCSD production network must obtain prior approval from PCSD Tech Support.
Last Update Status:
Updated January 2015
Related Policies and Procedures
- 4204 Uso aceptable
- 4204 Auditoría
- 4204 Escritorio limpio
- 4204 Plan de recuperación en caso de catástrofe
- 4204 Correo electrónico
- 4204 Formación para la concienciación sobre seguridad de los empleados
- Cifrado 4204
- 4204 Contraseña
- 4204 Acceso remoto
- 4204 Seguridad de routers y conmutadores
- 4204 Seguridad para puestos de trabajo sensibles
- 4204 Plan de respuesta de seguridad
- 4204 Seguridad del servidor
- 4204 Instalación del software
- 4204 Seguridad de los servicios del sitio web
- 4204 Comunicación de dispositivos inalámbricos
- 4204 Comunicación de infraestructuras inalámbricas