Retrieved from https://studentshare.org/miscellaneous/1624120-define-a-remote-access-policy-to-support-remote-health-care-clinics
https://studentshare.org/miscellaneous/1624120-define-a-remote-access-policy-to-support-remote-health-care-clinics.
Remote access policy Remote access policy The security policy of organizations sets specific standards on how business informationsystems are protected from both external and internal threats. Defining a particular security policy gives an organization the opportunity to refine and define its collective responsibility in both external and internal operations relationship. It embraces every sphere of the operations done by the organization and not strictly impinged by information technology. Security policies must have the capacity to adapt to the constant changes within an organization Clark University, 2013).
The personnel in charge of maintenance and creating security policy have the responsibility to identify technology changes in health care systems. A key area of concern in the modern society is to what extent privacy of people are protected. Advances that have been made by technology in the recent past has enabled storage of large information amounts with limited expenses involved.Similarly, technology has also hastened access to information within limited duration of time. Unknown individuals may access private information a factor that makes availability of security policies an essentiality.
Programs of security awareness are designed in such a way to sensitize users on organization’s security policy. Security awareness education to the employees does not only focus on giving them access to information of the organization. It goes beyond giving them emails and password to use by covering aspects such as training on monitoring and gathering information using various tools (Fisher, 2001).Security awareness training (Security Policy)Security awareness training focuses on employees’ familiarization with the security policy of a particular organization.
The points of focus in security policy may include but not limited to:1. Training the staff on how to create good passwords2. Maintanance of workstations, the do’s, and don’ts3. Sensitizing users on access policies for both internet and email access4. Responsibilities of employees on computer security5. Emergency reactions and procedures6. Reporting proceduresThe points of focus for those in charge of system administration may include:a) Secure configuration of the systemsb) Management policies of user accountsc) Secure support system in remote accessThe trainings aspect that target non-technical users include and emphasize on:a) Identification of social engineering tacticsb) How enforcement and establishment of security policies can affect the bottom line.c) Public relations effects of viruses, DoS attacks and how security policies aid minimizing the risk.d) How to minimize down time usage through increased productivity through the locked down systems Training of users and the systems administrators play a crucial role in an organization.
The systems administrators and the management need to realize that security threats are very critical emanate from the inside (Fisher, 2001). For this reason, constant logging of user activity, monitoring internet, and email access are important ways of tracking breaches of both internal and external threats. If this is taken into account, the four principles of business security will have been upheld. They include, protection of information, maximizing on operational effectiveness, reducing corporate liability and protection of the organization’s image.
ReferencesClark University (2013). Higher education (http://www.clarku.edu/offices/its/policies/remoteaccess.cfm)Fisher, D.(2001) Insiders are main computer security threat. EWeek: http://www.zdnet.com/eweek/stories/general/0,11011,2777325,00.html
Read More