>Example:
>An employee takes home a lap top or portable PC. The PC's disk drive
>contains corporate data not necessarily confidential but corporate data
>none-the less. From home the employee connects to the Internet via a
>modem through an Internet Service provider he personally subscribes to.
>
>What should we include in the guidelines as minimum security
>recommendations?
>
>All suggestions will be appreciated. Thanks in advance.
>
>Kenneth W. Betcher
>The City of Winnipeg Corporate Services Dept.
>510 Main Street; Winnipeg, Manitoba, Canada; R3B - 1B9
>email: kbetcher @
city .
winnipeg .
mb .
ca
>Phone: (204) 986 - 3625; Fax: (204) 986 - 5966
>
>The opinions and/or bogus issues contained above are not those of
>either The City of Winnipeg or Kenneth W. Betcher!
>
Provide secured dial-up access to your network that will enable the laptop
user to access the Internet from home with the full protection of your
firewall. Then establish a policy forbidding any other means of accessing
the Internet with corporate laptops.
Unless the user in question has "unlimited" access time with his provider,
why wouldn't they want to use your *free* and *protected* connection.
This follows the concept of making it easy for users to "do the right thing".
---
Stephen Goldstein steveg @
cseic .
saic .
com
My first computer: A 24K Atari 800, Rev. A ROMS, November 1980
Disclaimer: That's not what I said.
|
|
