|
|
|
NIST Revises Guidelines for Teleworking Security In an article on the Government Computer News website, William Jackson says that teleworking can be secure, but only if there is both policy and technology at each end. That’s why the National Institute of Standards and Technology (NIST) has come up with new guidelines to make the practice more secure. “The nature of telework and remote access technologies — permitting access to protected resources from external networks and often external hosts as well — generally places them at higher risk than similar technologies only accessed from inside the organization, as well as increasing the risk to the internal resources made available to teleworkers through remote access,” NIST said in its guidance for telework security. NIST’s “Guide to Enterprise Telework and Remote Access Security” was first published in 2002, and Jackson says its new revisions have been released for public comment. The goal of the revisions is to help secure teleworking, as well as provide recommendations for choosing and maintaining security for teleworkers. “Major security concerns include the lack of physical security controls, the use of unsecured networks, the connection of infected devices to internal networks, and the availability of internal resources to external hosts,” the guidelines say. “This publication provides information on security considerations for several types of remote access solutions, and it makes recommendations for securing a variety of telework and remote access technologies. It also gives advice on creating telework security policies.” To read the full article, click here: http://gcn.com/articles/2009/02/25/nist-telework-security-draft.aspx
|
