Corporate |
Press Releases |
Remote workers reminded how to work safely on-line
Remote workers reminded how to work safely on-line
28 Apr 2009 - New Policy Enforcement Point for Microsoft IAG appliance
NETconsent has today announced at INFOSEC 2009, a new Policy Enforcement Point, SSLconsent, which has been specifically designed to raise standards of IT governance amongst users remotely accessing a corporate portal. User error has long been identified as a major cause of security breaches. From today, mobile and remote workers accessing applications through a corporate portal and using Microsoft's Intelligent Application Gateway, can now be automatically notified of relevant security procedures directly related to the way they access corporate IT resources.
Microsoft’s Intelligent Application Gateway provides “contextual access” to portals and network based applications dependent on the user’s profile, their location and the device being used for access. In order to protect confidential and sensitive data, users may not always have identical access to information when in and out of the office. For occasional remote workers this may lead to confusion and frustration if they do not understand why such restrictions are necessary thus generating potential information assurance risk exposures.
The new NETconsent Policy Enforcement Point guarantees that users are automatically reminded of their rights and responsibilities as often as deemed necessary by the host organisation. Furthermore standards of information assurance are improved at the moment of access by:
1. Raising security awareness amongst travelling employees, who are typically less familiar with remote working procedures and;
2. Requiring them to electronically confirm that they are following the prescribed procedure, which makes an individual more accountable for their actions.
The likelihood of human errors or other risky behaviour is therefore greatly reduced and a potential security breach avoided. “Business users are not IT experts,” says Bill Orme, Product Specialist at Microsoft. “Reminding workers of a few fundamental dos and don’ts through automated software, such as NETconsent, is sure to promote safer on-line working.”
1. Effectively communicate your mobile security policy.
|
It is no good having a written policy if users don’t know about it. Use language that is easy to understand and endorsed by line managers. Consider sending an abbreviated policy to all workers, as they may be using insecure devices that you don’t know about!
|
2. Get users to sign up to policies that affect them.
|
A greater degree of diligence will be instilled if users know they will be held accountable for their actions.
|
3. Be prepared to discipline people who flout guidelines.
|
Even if a security breach doesn’t occur, acceptable standards of behaviour should be upheld to ensure people are treated fairly and consistently.
Actual practice needs to reflect policy or change the policy!
|
4. Periodically remind users of their responsibilities.
|
Remember your users are not IT gurus. To keep security at the forefront of their minds when they have a ‘real’ job to do is not a one off exercise.
|
5. Make secure remote access user friendly.
|
Providing a secure pathway to information dependent on a user’s identity and the device being used at the time reduces the security burden on users and reduces the possibilities for human error.
|
About NETconsent
NETconsent Ltd is a leading vendor of policy & procedure management solutions and corporate communications. By automating policy management, NETconsent reduces risk and audit problems. By ensuring that users have the opportunity to read and agree to all company policies, NETconsent helps organisations comply with legislation directives, industry regulations and avoid costly litigation. NETconsent Ltd is a UK company based in Fleet providing policy compliance across the public and private sectors. For more information on NETconsent, visit www.netconsent.com or visit stand R70 at INFOSEC 2009, Earls Court, 28th – 30th April.
For further information please contact:
Beverley Stonehouse, NETconsent Ltd ~ T: +44 (0)870 013 1600 ~ E: beverleys@netconsent.com ~ Stand R70
About Microsoft
If you are interested in viewing additional information about the Microsoft Intelligent Application Gateway, please visit the Microsoft Web page at: http://www.microsoft.com/Forefront/edgesecurity/iag/en/us/default.aspx
For further information please contact:
Microsoft Media Hotline ~ T: 0845 602 5628 ~ E: ukprteam@microsoft.com
Remote-workers-reminded-how-to-work-safely-on-line.pdf
