Security Basics mailing list archives
Re: Remote desktop access policy
From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Fri, 18 Jan 2008 23:28:10 +0200
Hi. In my opinion it depends on what gain will company obtain comparatively to risks you're getting by allowing remote vpn desktop connections. In most cases perhaps, only system administrators of business continuity critical systems should have remote access to that systems, but not sure if they need connection to their desktops in this case. *There are* threats of leaving average user or even system administrators computers turn on to the corporate network at night or holidays: - some user process which is under control can damage other systems (say looping access to resource can overwrite some servers log. - hackers can work at night I'm always turn off my windows machine and put down network interface on linux :) Same you can apply to customer machine - turn off policy and even automatic limiting network access in non business time. 2008/1/18, WALI <hkhasgiwale () gmail com>:
Hi guys...do you have any remote desktop policy clauses that you can share? I am having difficulties in trying to tell people the hazards of haphazardly asking IT guys the perils of asking access to their desktops when the come in via VPN. Everyone wants to have a VPN client and then to a remote desktop session to their desktop. How can I tell them the threats of doing so? Are there any threats? Should I restrict such usage? For one, it makes a lot of economic sense to switch off PC once a user leaves his/her desk for the day.
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com
Current thread:
- Re: Analyzing Suspicious Attachment, (continued)
- Re: Analyzing Suspicious Attachment Albert R. Campa (Jan 17)
- RE: Analyzing Suspicious Attachment Brett Kennedy (Jan 17)
- Remote desktop access policy WALI (Jan 18)
- RE: Remote desktop access policy Petter Bruland (Jan 18)
- AW: Remote desktop access policy Johannes Lemmerer (Jan 18)
- Re: Remote desktop access policy Josh Haft (Jan 18)
- Re: Remote desktop access policy The Security Community (Jan 18)
- Re: Remote desktop access policy Kurt Buff (Jan 19)
- Re: Remote desktop access policy WALI (Jan 21)
- Re: Remote desktop access policy Kurt Buff (Jan 21)
- RE: Analyzing Suspicious Attachment Brett Kennedy (Jan 17)
- Re: Analyzing Suspicious Attachment Albert R. Campa (Jan 17)
- Re: Remote desktop access policy Gleb Paharenko (Jan 18)
- Re: Remote desktop access policy Kurt Buff (Jan 19)
- Re: Analyzing Suspicious Attachment brian . bevers (Jan 17)
- RE: Analyzing Suspicious Attachment Richard Golodner (Jan 18)
- Re: Analyzing Suspicious Attachment Josh Haft (Jan 18)
- RE: Analyzing Suspicious Attachment Petter Bruland (Jan 18)
- Re: Analyzing Suspicious Attachment Lee Hinman (Jan 18)