Continuum Logo


Top of page

Size: View this website with small text View this website with medium text View this website with large text View this website with high visibility

2.7 Remote Access Policy

Contents

1. Purpose 
2. Scope
3. Policy 
3.1 General 
3.2 Requirements
3.2.1 Continuum Group employees and contractors must not
3.2.2 Continuum Group employees and contractors must
4. Enforcement  


1. Purpose

The purpose of this policy is to define standards for connecting to the Continuum Group’s networks from any host. These standards are designed to minimise the potential exposure to the Continuum Group from damages which may result from unauthorised use of Continuum group resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to critical Continuum internal; systems.


2. Scope

This policy applies to all Continuum employees, contractors,vendors and agents with a company owned or personally owned computer, workstation or laptop used to connect to the continuum networks. This policy applies to remote access connections used to do work on behalf of Continuum Group, including the reading or sending email and viewing intranet resources.

Remote Access implementations that are covered by this policy include, but are not limited to, dial-in modems, frame relay, isdn, ADSL, DSL VPN SHH and cable modems etc.


3. Policy

The Continuum Group offers several solutions for accessing internal network features, these are but not limited to:

  • Outlook Web Access (OWA) used to access company email using any computer/device with access to the internet. Only users with this function enabled on their account will have access.
  • Microsoft Virtual Private Network (VPN) Used to access all network resources from any Microsoft device with internet access.  Only users with this function enabled on their account will have access.
  • Vendor Specific VPN Used to access all network resources. Used to access all network resources from any device that has the Vendour specific Client software installed. Only users with this function enabled on their account will have access.

3.1 General

It is the responsibility of Continuum Group employees, contractors, vendors and agents with remote access privileges to Continuum Group's corporate networks to ensure that their remote access connection is given the same consideration as the user's on-site connection.

General access to the Internet  for recreational use whilst connected to the Continuum Group network is not permitted. The Continuum Group employee is responsible to ensure that no family member uses the personal computer whilst connected to the company network. Those using Remote Access must not violate any Company policies, does not perform illegal activities, and does not use the access for outside business interests. The Continuum Group employee bears responsibility for the consequences should the access be misused.

Please review the following policies for details of protecting information when accessing the corporate network via remote access methods, and acceptable use of Continuum Group's network:

Network and PC Acceptable Use Policy Procedure

Password Policy Procedure

Email Policy Procedure

Internet Usage Policy Procedure

By Default, all users will not be permitted to use Remote Access 

3.2 Requirements

Secure remote access must be strictly controlled. Control will be enforced via one-time password authentication or public/private keys with strong pass-phrases. For information on creating a strong pass-phrase see Password Policy Procedure

3.2.1 Continuum Group employees and contractors must not:

  • Provide their login or email password to anyone, not even family members.
  • Leave the device unattended when remote connection is active.

3.2.2 Continuum Group employees and contractors must:

  • Ensure that their Continuum Group-owned or personal computer or workstation, which is remotely connected to Continuum Group's corporate network, is not connected to any other network or other personal device at the same time, with the exception of personal networks that are under the complete control of the user.
  • Disconnect their remote connection when no longer requiring the connection.
  • Use the most up-to-date anti-virus software, this includes personal computers.
  • Personal equipment that is used to connect to Continuum Group's networks must meet the requirements of Continuum Group-owned equipment for remote access.
  • Take precautions when using public devices to prevent the unwanted viewing of computer screens.


4. Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

End