Remote Access Policy
The purpose of this policy is to define standards for connecting to the Externis Network from a Computer or other device located outside of the Externis network. This policy is designed to minimize the potential exposure to Externis from risks associated with remote access connections by ensuring only secure methods are used to connect to the Externis network.
This policy applies to all Externis employees or Third parties with either an Externis owned or personally owned computer used to connect to the Externis network.
Permitted remote access connections
Remote access connections to the Externis network is only allowed by IT Service. All users who need a remote access must ask for the specific permission to the IT Service. The IT Service is allowed to grant/deny remote access. These include but are not limited to:
- Approved use of network resources service by registered staff.
- Teleworking by registered Externis employees.
- Network administration purposes by registered System Administration Staff.
- Administration of Externis Applications or Systems by approved Third parties.
Methods of Remote connection
IT Services only may approve appropriate remote access technologies for use to access the Externis network.
Externis Users should apply to IT Services for a list of currently approved methods.
Current preferred remote access technologies are limited to:
- Approved Externis Virtual private network (VPN)
Non-standard remote access connections
Organizations or individuals wishing to implement non-standard Remote Access must obtain prior approval from IT Services.
Protecting Remote Access Credentials
All individuals are responsible for safeguarding the remote access credentials granted to them and making sure that unauthorized individuals do not use them. These credentials may consist of username and password combinations, digital certificates or other software or hardware.
Username/Password Authentication
Where Username/Password authentication is used the following apply:
- Where remote access authentication is facilitated using a username and password a strong password must be used.
- At no time should any Externis employee provide his or her username or password to any unauthorized third party.
Remote Access Hosts
All hosts that are used for remote access to the Externis networks must:
- Use the most up-to-date anti-virus software.
- Be protected by an Externis or private Firewall.
- Not be made available for use to unauthorized third parties.
- Be available for inspection by IT Services if requested.
All Individuals/groups granted remote access connection privileges
It is the responsibility of all individuals/groups with remote access privileges to the Externis network to ensure that:
- Their remote access connection meets security standards as approved by Externis.
- The connection is only used for approved purposes.
- The remote access credentials granted to them are held safely and not disclosed to unauthorized third parties.
Externis employees providing remote access to Third parties
Externis employees must not provide remote access to the Externis network to third parties. This is strictly forbidden.
Third Parties
It is the responsibility of all contractors, vendors and agents with remote access privileges to the Externis network to ensure that the remote access connection adheres to the Security Standards as defined in this policy.
All Third parties must comply with the security measures as outlined in this policy document.
