Firewall Wizards mailing list archives
Re: Remote Access Policy
From: Fred Chase <fnc () mitre org>
Date: Tue, 21 Jul 1998 17:21:41 -0400
Tina Bird wrote:
... I need a few references to ... policy .. in the area of .. Internet-based .... remote access.
Below is MITRE's policy for internet (not dialup) remote access. -Fred Chase 4.2.2.1 VSCLIENT "Remote Desktop" Security Policy A user must take steps to protect the confidentiality, integrity, and availability of MITRE information. Use is approved when the following policy conditions are met: 1. All MITRE information held locally must be protected from non-MITRE access by either physical or software security when the system is not in use by MITRE staff. This can be done with a locked office, removable media, or encryption of the information with a package such as "Your Eyes Only". Alternatively, all MITRE information can be removed from the local system at the end of each session, leaving the information stored on servers back inside the MITRE security firewall. 2. Your connection with MITRE must be protected from non-MITRE access at the desktop any time the you leave the system unattended. This access control can be provided by using a locked office or a locking "screen saver" which locks user interaction after no more than 30 minutes of inactivity. "Your Eyes Only" on Win95, or existing capabilities of Windows NT are recommended. 3. Your connection with MITRE must be protected from non-MITRE remote access. Applications providing remote application sharing functions to non-MITRE systems may not be running on the machine while there is a connection with MITRE. · Running Microsoft Net Meeting is permitted, but application sharing "control" access must not be given to non-MITRE users. · Running CVW (which has no local application sharing) is permitted. · Running Timbuktu is permitted, but "control" access must not be given to non-MITRE users. Any usage or configuration not consistent with the above needs advance written approval by INFOSEC (see MCF 3371).
Current thread:
- Remote Access Policy Tina Bird (Jul 21)
- Re: Remote Access Policy Fred Chase (Jul 22)
- Re: Remote Access Policy Peter J. Cherny (Jul 22)