Problem solve Get help with specific problems with your technologies, process and projects.

Remote access security

A VPN provides a secure tunnel, but it doesn't address the security of remote access terminals (home PC, laptop, PDA, etc.). What is the best way to create a secure perimeter around these? Which vendors are addressing this area specifically? Does anyone offer remote access perimeter protection in a single package?

To create a security perimeter around the devices, you do need to consider virus protection, a personal firewall and intrusion detection. However, let's not forget about physical and personnel security. Home PCs, laptops and PDAs are used outside of the corporate physical security environment. As such, the access controls that are sufficient for the office may not be sufficient for remote access. For example, a username and password might be sufficient for the office environment, if your physical controls are such that only employees can even get physical access to the system. On the other hand, you might want to require some form of biometric device for remote access in order to prevent family members, friends or thieves from being able to use the remote computer to access your corporate network. The method you choose needs to be commensurate with the sensitivity of the data being processed, the perceived threat and costs of the access control systems.

Speaking of theft, you should also consider encryption of the data on the remote computers, so that when (not if) a laptop or PDA is stolen the thief cannot simply have free access to any locally stored data.

There are many vendors that are addressing pieces of this problem, but I do not know of any that are selling anything that is a whole package.

This was last published in November 2001

Dig Deeper on Web authentication and access control

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.