With advances in technology and the push to make information on our network
accessible anywhere, we're getting a push to open up access to things like
e-mail and our corporate Internet to home users or travelers using public
computers. Obviously there are some risks associated with allowing this type
of access. Among them:
* No control over what security measures are installed on the non-company
owned workstation (AV software, Anti-spyware, Personal Firewalls, etc.).
* The user may accidentally or intentionally store sensitive information
on the workstation.
* Public places in particular lend themselves to things like shoulder
surfing.
What stance are your companies taking on access to corporate resources from a
non-corporate workstation? Is it allowed? Do you have any technical controls
in place to monitor what is being done? Do you provide security controls for
home users? Have you just established a policy and educated your users on the
risks?
I'd appreciated any input you have. Thanks in advance for your help.
John Kuisle - CISSP
Information Security Supervisor
Federated Mutual Insurance
507-455-5477
This e-mail and its attachments are intended only for the use of the
addressee(s) and may contain privileged, confidential or proprietary
information. If you are not the intended recipient, or the employee or agent
responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution, displaying, copying, or
use of this information is strictly prohibited. If you have received this
communication in error, please inform the sender immediately and delete and
destroy any record of this message. Thank you.
