Educause Security Discussion mailing list archives
Re: Remote access and data offloads.
From: Chris Green <cmgreen () UAB EDU>
Date: Wed, 5 Apr 2006 11:33:45 -0500
Hey from up I-59 :),

I've been trying to address this same problem by trying to make sure that the desktop groups have centralized logging for failed and successful login. I originally went down the road of wanting to block RDP and force VPN but have since come to the mindset that there's a lot of pros for people to use RDP.

Having users university data using their work desktop rather than having their own PC via VPN and working from there gives us more control at the point we really care about. Originally, our VPN was a customer service issue when @home blocked MS Networking (my things have changed ;-) ) It's also much easier for our helpdesk to walk someone through finding mstsc on their PC than it is for someone to install the VPN client.

A weakness is that it allows brute force attempts against more PCs and local accounts which is traditionally

One line of thought that would move me back towards VPN is the ability to have policy compliance (patch checking, AV up to date, infection free?) performed on the desktop before they connect to the network. All of the products that I've seen for that perform that check AFTER the user has given their credentials away which is the (or one of the) event that was critical to prevent.

I also try and make sure people on Windows aren't using VNC or similar since they don't benefit from automatic updates from Microsoft.

On 4/4/06 11:16 AM, "Doug Sandford" <dsandfor () SEEBECK UA EDU> wrote:
Does anyone have a workable institutional policy regarding remote desktop access versus VPN? We want to put something together that 'encourages' the use of a VPN connection that permits a degree of accountability. Although our Acceptable Use Policy addresses University data in all forms as just that, we would like to reiterate that issue of downloading institutional data to home computers etc. While a VPN without content filtering in some form is not the answer to unauthorized downloads, we feel it at least offers some degree of accountability for 'who-was-where-and-when'.
-- Chris Green UAB Data Security, 5-0842