Children's Health System. Remote User Policy

Children's Health System Remote User Policy July 28, 2008

Reason for this Policy

This policy defines standards for connecting to the Children's Health System (CHS) network from any remote host. These standards are designed to minimize the potential exposure to CHS from damages which may result from unauthorized use of CHS resources. Damages include the loss of Sensitive or Restricted Data, including Protected Healthcare Information (PHI); loss of intellectual property; damage to public image; or damage to critical internal systems.

Statement of Policy

Scope: This policy applies to all Remote Users of CHS IT Resources including staff, physicians, residents, outside contractors, vendors, and other agents with a CHS-owned or personally-owned computer used to connect to the CHS network. This policy applies to remote access connections used to do work on behalf of CHS, including but not limited to, connecting to CHS resources, reading or sending e-mail and viewing intranet Web resources. All remote access implementations at CHS are covered by this policy including dial-in modems, frame relay, ISDN, DSL, VPN, SSH, cable modems, Citrix Access Gateway, and hardware or services provided by third parties.

General

1. It is the responsibility of Remote Users to ensure that all possible measures have been taken to secure the remote machine. This includes hardware and software firewalls and anti-virus software as well as having the most recent operating system and application patches applied. A Remote User's computer system must be at least as secure as its on-site counterpart.
2. Remote Users must comply with federal, state, and local law and all CHS policies.
3. All Remote User activity during a remote session is subject to CHS policies and may be monitored and logged for compliance.

Requirements

1. Secure remote access must be strictly controlled. Access to CHS IT Resources will be controlled via a Cisco VPN Client utilizing a SecurID user account and password, Dial Up Networking also utilizing a SecurID user account and password, or the Citrix Access Gateway utilizing a user ID and password.
2. All Remote Users working with Sensitive or Restricted Data must use CHS VPN services or the Citrix Access Gateway.
3. At no time will a Remote User provide their password to anyone, including family members. CHS employees will never ask for a Remote User's password.
4. Remote Users must ensure that their CHS-owned or personal computer or workstation, which is remotely connected to the CHS network, is not connected to any other network at the same time, other than a Private Network under the user's control.
5. All hosts that are connected to the CHS network must use up-to-date anti-virus software, keep virus definitions up to date, and run regular scans.
6. Remote Users must ensure that systems used to connect to the CHS network have the most recent operating system and application patches applied.
7. When connecting to the CHS network with wireless connections on personal networks, the wireless connections must be encrypted using WEP or other acceptable secure technology. If connecting through a router that has a wireless transmitter, whether connected through the wired or wireless ports, the transmitter must be configured in an encrypted mode or it must be turned off.
8. Users must ensure proper physical security precautions are taken when connecting to the CHS network from remote locations. For example:
   1. Machines should not be left unattended while connected or logged into the CHS network.
   2. In public environments, users should take precautions to prevent unwanted viewing of computer screens by unauthorized persons.

Risks

Connecting to the CHS network from an external source opens up the CHS network to any vulnerability that computer may have. If the remote user has viruses, Trojans, or worms running on their computer, those same vulnerabilities can be transferred to the CHS network when they connect remotely. Since we will be logging Remote User connectivity, those vulnerabilities will be traced back to their originator.

Compliance

Anyone found to have violated this policy is subject to disciplinary action, up to and including termination.

Approval (Please Initial the Risk Section above and then Sign and Date)

Requestor print
Date
Requestor signature
Supervisor Approval
Director Approval

Definitions

Cable Modem: Cable companies such as Charter provide Internet access over Cable TV coaxial cable. A cable modem accepts this coaxial cable and can receive data from the Internet at over 3 Mbps. Cable is currently available only in certain communities.

Dial-in Modem: The dial-in modem is a peripheral device that connects computers to each other for sending communications via the telephone lines. The modem modulates the digital data of computers into analog signals to send over the telephone lines, then demodulates back into digital signals to be read by the computer on the other end; thus the name "modem" for modulator/demodulator.

DSL: Digital Subscriber Line (DSL) is a form of high-speed Internet access competing with cable modems. DSL works over standard phone lines and supports data speeds of over 3 Mbps downstream (to the user) and slower speeds upstream (to the Internet).

ISDN: There are two flavors of Integrated Services Digital Network or ISDN: BRI and PRI. BRI is used for home office/remote access. BRI has two "Bearer" channels at 64kbit (aggregate 128kb) and 1 D channel for signaling info.

LEAP: Lightweight Extensible Authentication Protocol is a challenge/response protocol that authenticates the user and, if authenticated, grants network access.

Remote Access: Remote Access is any access to the CHS corporate network through a network, device, or medium not controlled by CHS.

SSH: Secure Shell is a cryptographically strong replacement for login, telnet, ftp, and other programs that protects against "spoofing", man-in-the-middle attacks, and packet sniffing.

SSL: Secured Sockets Layer is a protocol that transmits your communications over the Internet in an encrypted form. SSL ensures that the information is sent, unchanged, only to the server you intended to send it to. Online shopping sites frequently use SSL technology to safeguard your credit card information.

VPN: Virtual Private Network is a way to communicate through a dedicated server securely to a corporate network over the internet.

WEP: Wired Equivalent Privacy is a security protocol for wireless local area networks (WLANs). WEP is designed to provide the same level of security as that of a wired LAN.

Wi-Fi: Short for wireless fidelity; another name for IEEE 802.11a\b\g wireless technology.

Citrix Access Gateway: Provides access to applications deployed via Citrix to users utilizing a standard web browser.