Remote Access

Remote Access

The pandemic proved that working remotely is not just effective but sometimes vital for the organization. An article shows that protection of remote connections can sometimes be literally vital.

The related ISO 27001 standard requirement sounds like this: “Security measures shall be implemented when personnel are working remotely to protect information accessed, processed or stored outside the organization’s premises.” (A6.7)

Taking a look at the requirement, it is clear that the security measures (regulations or technical protection) must cover

  • access to information stored on the company’s central resources from outside the organization’s physical security zone, i.e. protection of the transmission channel and
  • controls related to the storage and handling of information taken outside the organization’s premises.

Trivial controls should include

  • conditions of the use of privately owned devices (BYOD),
  • what communication channels and encryption be used,
  • policy to prohibit the use of company assets by friends or family members to complete non-work-related tasks and
  • advise workforce members not to reuse passwords, as compromised private passwords may be used to access company accounts.
06/08/2024
«
»
DACHS
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.