Date Published: June 2009
Supersedes:
SP 800-46 (08/01/2002)
Author(s)
Karen Scarfone (NIST), Paul Hoffman (Virtual Private Network Consortium), Murugiah Souppaya (NIST)
Many organizations employees and contractors use enterprise telework technologies to perform work from external locations. Most teleworkers use remote access technologies to interface with an organization's non-public computing resources. The nature of telework and remote access technologies permitting access to protected resources from external networks and often external hosts as well generally places them at higher risk than similar technologies only accessed from inside the organization, as well as increasing the risk to the internal resources made available to teleworkers through remote access. This publication provides information on security considerations for several types of remote access solutions, and it makes recommendations for securing a variety of telework and remote access technologies. It also gives advice on creating telework security policies.
Many organizations employees and contractors use enterprise telework technologies to perform work from external locations. Most teleworkers use remote access technologies to interface with an organization's non-public computing resources. The nature of telework and remote access technologies...
See full abstract
Many organizations employees and contractors use enterprise telework technologies to perform work from external locations. Most teleworkers use remote access technologies to interface with an organization's non-public computing resources. The nature of telework and remote access technologies permitting access to protected resources from external networks and often external hosts as well generally places them at higher risk than similar technologies only accessed from inside the organization, as well as increasing the risk to the internal resources made available to teleworkers through remote access. This publication provides information on security considerations for several types of remote access solutions, and it makes recommendations for securing a variety of telework and remote access technologies. It also gives advice on creating telework security policies.
Hide full abstract
Keywords
Mobile device security; remote access; remote access security; telework; telework security; virtual private networking
Control Families
Access Control; Configuration Management; Contingency Planning; Identification and Authentication; Media Protection; Risk Assessment; System and Communications Protection; System and Information Integrity
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
