What role does each user play in the organization? What remote access is appropriate for that role given the device used? What device types require remote access? Is the device company- or employee-owned? Add location and processes/data access controls, and you run into capability walls with many older remote access and admission control solutions.Īs we progress through the remaining chapter, we pursue safe implementation of remote access control objectives based on five security considerations:
Is acceptable use the same when the vice president of finance uses a smartphone to connect as it is for an accounts payable clerk with a tablet? So it is also about roles. For example, is the acceptable use policy the same for remote employee-owned tablets as it is for company-owned laptops? Should it be? How can we enforce different policies for different devices?Īnd it is not just device differences. The expanding connectivity requirements are exceeding the ability of our traditional access and admission control technologies. In addition to consumer device connectivity, we increasingly receive requests to connect to cloud service provider networks or create more traditional business-to-business (B2B) connections to enhance productivity and reduce cost. Like wireless access, we are unable to just say no. Use of their own devices is fine with management when budgets can then target bigger revenue generation projects. As we saw in Chapter 6, employees (supported by the business) are increasingly demanding use of smartphones and tablets.
0 kommentar(er)
