kevincostello
asked on
Question about remote access, VPN access security policies
Hi there,
I have a question about remote access policies and what potential risks a company could be opening up.
Currently, the company allows part time employees VPN clients installed on non-company machines in order to access certain internal resources from home offices.
My questions are:
*What sort of security risks would this policy be opening up? Is there a strong risk of viruses and malware spreading throughout the network if one of these non-company machines gets infected and connects to the VPN?
*Any risk with having computers with VPN access and mapped shared drives on home wireless networks that may or may not have security enabled?
* In an ideal situation for IT, what remote access policies could be in place to ensure the integrity and security of the network?
I have a question about remote access policies and what potential risks a company could be opening up.
Currently, the company allows part time employees VPN clients installed on non-company machines in order to access certain internal resources from home offices.
My questions are:
*What sort of security risks would this policy be opening up? Is there a strong risk of viruses and malware spreading throughout the network if one of these non-company machines gets infected and connects to the VPN?
*Any risk with having computers with VPN access and mapped shared drives on home wireless networks that may or may not have security enabled?
* In an ideal situation for IT, what remote access policies could be in place to ensure the integrity and security of the network?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks!
ASKER
I guess most of my concern here would initially be creating a business case for moving to a more secure policy. *Why* do they need to move to the safe approaches you guys list above?
What could happen if unmonitored clients are allowed to VPN in? What is likely, and what are some worst case scenario?
Thanks!