A VPN provides a secure tunnel, but it doesn't address the security of remote
access terminals (home PC, laptop, PDA, etc.). What is the best way to create a secure perimeter around these? Which vendors are addressing this area specifically? Does anyone offer remote access perimeter protection in a single package?
To create a security perimeter around the devices, you do need to consider
, a personal firewall
and intrusion detection
. However, let's
not forget about physical and personnel security. Home PCs, laptops and
PDAs are used outside of the corporate physical security environment. As such, the access controls that are sufficient for the office may not be sufficient for
remote access. For example, a username and password might be sufficient for the
office environment, if your physical controls are such that only employees
can even get physical access to the system. On the other hand, you might want to
require some form of biometric device
for remote access in order to prevent
family members, friends or thieves from being able to use the remote
computer to access your corporate network. The method you choose needs to be
commensurate with the sensitivity of the data being processed, the perceived
threat and costs of the access control systems.
Speaking of theft, you should also consider encryption of the data on the
remote computers, so that when (not if) a laptop or PDA is stolen the thief cannot simply have free access to any locally stored data.
There are many vendors that are addressing pieces of this problem, but I do
not know of any that are selling anything that is a whole package.
This was first published in November 2001