S 2.109 Assigning rights for remote access

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

Rights to access a corporate network from external points need to be restricted appropriately. In addition to the requirements stipulated in S 2.8 Granting of access permissions, further restrictions need to be imposed on remote access.

Access rights for directories with software may not necessarily exist in the case of a remote workstation, for example (refer to T 5.62 Misuse of resources via remote IT systems).

Additional controls:

• When were the rights for remote access reviewed last?