Last modified: mars 14, 2025
Policy No. 4204 Remote Access Procedure
Objectif
The purpose of this procedure is to define standards for connecting to PCSD’s network from any host. These standards are designed to minimize the potential exposure to PCSD from damages, which may result from unauthorized use of PCSD resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical PCSD internal systems, etc.
Champ d'application
This procedure applies to all PCSD employees, contractors, vendors, and agents with a PCSD-owned or personally owned computer or workstation used to connect to the PCSD network.
This procedure applies to remote access connections used to do work on behalf of PCSD, including reading or sending email, accessing PCSD servers, and viewing intranet web resources. Remote access implementations covered by this procedure include, but are not limited to, DSL, VPN, and SSH.
Procédure
It is the responsibility of PCSD employees, contractors, vendors, and agents with remote access privileges to PCSD’s network to ensure that their remote access connection is given the same consideration as the user’s on-site connection to PCSD.
Please review the following procedures to ensure the protection of information when accessing the PCSD network via remote access methods, and acceptable use of PCSD’s network:
Exigences
- Secure remote access must be strictly controlled. Control will be enforced via one-time password authentication or public/private keys with strong pass-phrases. For information on creating a strong pass-phrase, see the Password Procedures.
- At no time should any PCSD employee provide his or her login or email password to anyone, not even family members.
- PCSD employees with remote access privileges must ensure that their PCSD-owned or personal computer or workstation, which is remotely connected to PCSD’s network, is not connected to any other network at the same time, with the exception of personal networks that are under the complete control of the user.
- The InfoSec Team must approve non-standard hardware configurations. Security configurations for access to hardware must also be approved.
- All hosts that are connected to PCSD internal networks via remote access technologies must use the most up-to-date anti-virus software, including personal computers.
- Personal equipment used to connect to PCSD’s networks must meet the requirements of PCSD-owned equipment for remote access.
- Organizations or individuals who wish to implement non-standard Remote Access solutions to the PCSD production network must obtain prior approval from PCSD Tech Support.
Last Update Status:
Updated January 2015
Related Policies and Procedures
- 4204 Utilisation acceptable
- 4204 Audit
- 4204 Bureau propre
- 4204 Plan de reprise après sinistre
- 4204 Courriel
- 4204 Formation des employés à la sensibilisation à la sécurité
- 4204 Chiffrement
- 4204 Mot de passe
- 4204 Accès à distance
- 4204 Sécurité des routeurs et des commutateurs
- 4204 Sécurité des postes de travail sensibles
- 4204 Plan d'intervention de sécurité
- 4204 Sécurité du serveur
- 4204 Installation du logiciel
- 4204 Services de sécurité des sites web
- 4204 Communication entre dispositifs sans fil
- 4204 Communication d'infrastructure sans fil