Anglia Ruskin University Information Security Policy 104 Staff Remote Access


3 Νοε 2013 (πριν από 4 χρόνια και 8 μήνες)

87 εμφανίσεις


Version 0.3

March 2009


Anglia Ruskin University Information Security Policy 104

Remote Access

A member of staff seeking access from a remote workstation or laptop
via a virtual
private network (VPN) connection
applications on which corporate data is

must be subject to all security checks applied to other internal users.

This policy
is not intended to cover the use of web
based connections (such as Outlook Web
Access (OWA) and the like).

remote access method
s provided by ISMS should be used to a
ccess University

It is acceptable to connect a University issued laptop to a third party network (such as in
a home broadband, hotel, airport, or hotspot)
in order to

access the University network

Where staff members are supplied
with a workstation or laptop computer for off
site use
by the University,
it is
their personal responsibility for

taking due care and consideration
to ensure that it is kept secure

Users of wireless mobile e
mail devices such as PDAs

must only use Unive
provided equipment and services

if they wish to have support or any level of service
, and must comply with all University requirements in their use.
Otherwise it is
the owner

s personal responsibility for such services.

If a wireless e

device is lost or
stolen, the user must immediately notify

so the device can be deactivated and the
user’s mail file protected. Additionally, users should not attempt to change the security
settings that are in place on the device.
PDAs that will be

used to store, transmit,
process, or access University systems, files, data, and/or e
should have
security controls in place designed to prevent compromise of the information. These
controls must include a power
on password and virus protect
ion software

Security mechanisms designed to protect remote work stations and laptops

as well as
the data contained on them

should be used where possible. These


mechanisms may include (but are not limited to)

disk and/or file encryption

ersonal firewall software

(such as Windows or Apple Mac)

virus protection software
(such as AVG; McAfee; Sophos; Norton)

operating system passwords,

assword protected screen savers

physical security controls

locking cables

(which can be obtained as part o
f the initial purchase)

It is permissible for personnel (contractors, employees or vendors) to connect their own
work stations, laptops, or other computer equipment to the University network, and a
visitor access mechanism has been implemented to facilita
te this. However, as use of
the University network and services should only be for work purposes, the appropriate
approach for University employees should be the supply of a University
purchased work
station for the purpose. This practice applies both to
office connections as well as
remote connections.


Version 0.3

March 2009


In the event that connection of a non
University device to the private network is
unavoidable, the following restrictions

Appropriate investigation and testing should be undertaken prior to co
nnection to
ensure that the machine’s hardware and software will not be detrimental to the
performance of the University’s network.

This can be facilitated by ISMS.

virus software, configured appropriately and regularly updated, should be
installed on

the machine

(such as AVG; McAfee; Sophos; Norton)

The machine must be running a supported operating system and be confirmed to
be patched (with relevant security and functionality patches) to the current level
of University workstations.

(i.e. Windows X
P to SP3; Mac OS10)

For contract staff, contract terms must include a provision for cessation of use
and de
installation of any University software

whether in
house or purchased

when the contract is terminated.

Arrangements should be made to ensure tha
t the University’s software

house or purchased

is de
installed when the requirement for the connection
ceases, or beforehand, if employment or contract term ceases. (Responsibility
for this action rests with the person who, or business unit

which, made the

A software based personal firewall
such as Windows or Mac Firewall

must be
installed and active on the system to be connected to the University network.

Users are discouraged from using their own personally owned work stat
ions to
undertake University
related work as those systems are not generally configured with
the same degree of protection mechanisms as a University system. When doing this,
the data, and in some cases applications, are transferred to the non
stations via a variety of routes such as:



tapes and cartridges

via e
mail attachments

via USB memory devices

Appropriate steps must be taken, in adv
(including encryption where appropriate)

to ensure that any potential risks to

the University’s information and interests are
identified and effectively addressed.