Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Access Policies

Posted by samzenpus on Wednesday November 12, 2008 @01:17PM from the write-it-down-from-home dept.

Samalie writes "My company is considering implementing a formal remote access policy (and agreement for staff to sign) for users who access our network from home via VPN. Does anyone out there have any suggestions as to what this policy/agreement should contain? Anyone have their own corporate policy that I can borrow from? This is the first time I've come across anyone wanting a formal policy for this & online searches haven't been very helpful."

2 of 178 comments (clear)

Min score:

Reason:

Sort:

Too long by EmbeddedJanitor · 2008-11-12 13:32 · Score: 5, Insightful

There are two purposes for such documents:
Inform: part from the little "purpose" bit, the SANS does not do much.
(2) A legal rope to hang a user with. What most of the SANS doc is.
Folks, nobody reads a document like this. They will lose interest after the first few lines then either skip to the signing bit or throw it away.
Real security comes from informing the user, not from baffling and swamping them with techno-legal bs.
If you want real security, then clearly explain the issues.

--
Engineering is the art of compromise.
Re:Is this real? by s-twig · 2008-11-12 14:32 · Score: 5, Insightful

Did he even know SANS existed? You could be bothered to post a wry comment but couldn't muster the extra key strokes to make yourself helpful. C'mon be nice. :)