Allari - Providing IT as a Service

Allari: Remote Access Tool Policy

ict-policy-update-img01.jpg
Allari:  Remote Access Tool Policy
  1. Overview
    Remote desktop software, also known as remote access tools, provide a way for computer users and support staff alike to share screens, access work computer systems from home, and vice versa. Examples of such software include LogMeIn, GoToMyPC, VNC (Virtual Network Computing), and Windows Remote Desktop (RDP). While these tools can save significant time and money by eliminating travel and enabling collaboration, they also provide a back door into the Allari network that can be used for theft of, unauthorized access to, or destruction of assets. As a result, only approved, monitored, and properly controlled remote access tools may be used on Allari computer systems.
  2. Purpose
    This policy applies to all remote access where either end of the communication terminates at an Allari computer asset.
  3. Policy
    All remote access tools used to communicate between Allari assets and other systems must comply with the following policy requirements
    1. Remote Access Tools
      Allari provides mechanisms to collaborate between internal users, with external partners, and from non-Allari systems.

      The approved software list can be obtained from each customer's connection policy. Because proper configuration is important for secure use of these tools, mandatory configuration procedures are provided for each of the approved tools. The approved software list may change at any time, but the following requirements will be used for selecting approved products: 
      1. All remote access tools or systems that allow communication to Allari resources from the Internet or external partner systems must require multi-factor authentication. Examples include authentication tokens and smart cards that require an additional PIN or password.
      2. The authentication database source must be Active Directory or LDAP, and the authentication protocol must involve a challenge-response protocol that is not susceptible to replay attacks.
      3. The remote access tool must mutually authenticate both ends of the session.
      4. Remote access tools must support the application layer proxy rather than direct connections through the perimeter firewall(s). Remote access tools must support strong, end-to-end encryption of the remote access communication channels as specified in the Allari network encryption protocols policy.
      5. All Allari antivirus, data loss prevention, and other security systems must not be disabled, interfered with, or circumvented in any way.
      All remote access tools must be purchased through the standard Allari procurement process, and the information technology group must approve the purchase.
  4. Policy Compliance
    1. Compliance Measurement
      The Infosec team will verify compliance to this policy through various methods, including but not limited to, periodic walk-thrus, video monitoring, business tool reports, internal and external audits, and feedback to the policy owner.
    2. Exceptions
      Any exception to the policy must be approved by the InfoSec team in advance.
    3. Non-Compliance
      An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
  5. Related Standards, Policies & Processes
    None
  6. Definitions and Terms
    None

MORE ARTICLES YOU MAY LIKE

What is Downtime?

Downtime is another way of saying a system is not available to the users. It is also referred to as an outage. While downtime can be planned months in advance, it is typically not and is often a surprise.

 

5 Reasons Multitasking is Bad for IT Productivity

When it comes to IT operations, multitasking seems to be a prerequisite. Quite often it's even written into the job posting. However, research is revealing that multitasking may do more damage than good.

It's the Process, Stupid!

The greatest invention in the last 200 years isn't a product, but rather the scientific method, the process which has been used to create millions of products. Today, when change is exponential, a focus on process over products is even more important.

 

OUR PEOPLE MAKE THE DIFFERENCE

About Us
Allari is a leading global professional ITaaS company primary focused on the IT Operations of Enterprise level IT Departments. 

Leadership
Our leaders have led Allari to continuous growth since the start of the company in 1999 and they continuously embody our corporate culture and company values. 

Locations
North America
Allari, Inc. (HQ)
9128 Strada Pl
Suite# 10115
Naples, FL 34108
Tel:  (866) 937-2224

South America
South America Allari del Ecuador S.A
Calle Acacias y Calle 7
Quevedo Los Rios 120302
Ecuador
Tel: 593-991-60383

Asia Pacific
Allari, Inc.
Dowlath Towers
Taylors Road
Kilpauk, Chennai 600010

A Video You May Like
Top 3 Ways To Prevent Downtime

1. Implement Preventive Maintenance Schedules

2. Execute Pre Business System Checks

3. Implement Measurements & Indicators

Implement Preventive Maintenance Schedules

Take care of your IT assets and they will take care of you. Implement a consistent, high quality preventive maintenance schedule. Let Allari do the chore based tasks while you focus on the important stuff!