Information Technology Reference
In-Depth Information
Policy Requirements
The prevalence and growing use of mobile and remote-access solu-
tions creates a number of challenges for the modern network enter-
prise. Unless policies are put in place early and updated often, emerging
solutions may compromise organizational capabilities or expose data to
unauthorized review.
Required policies might include:
•
Mobile computing
—These are on-device requirements such as stor-
age encryption, firewall settings, requirements for device antivirus
software, and automatic patch management options. Liability for
loss requirements should be signed in agreement, before equipment
is transferred to the mobile user. A specific enumeration of allowable
device types may be necessary in some organizations.
•
Remote access
—These are policies governing transport and access
requirements, such as VPN configurations for remote access to
enterprise resources, SSL mandates for portals, and preventing local
retention of stored authentication credentials.
•
Wireless use
—These policies address the use of wireless connec-
tivity within the workplace or at remote locations. These policies
will include whether personal wireless technologies may be used and
which channels they may consume within the organization's physi-
cal space, or what types of authentication and encryption must be
used when using a remote wireless link.
Summary
This chapter has addressed the extension of network resources to an
increasingly mobile consumer base. Kari Skoog, a spokeswoman at Intel,
once said that the vision of future networking is to have access anytime,
anywhere, and on any device. This presents challenges for the enterprise
architect, who must manage the integration of rapidly evolving technolo-
gies into a sustainable enterprise environment. This potential requires
care in planning, application design, information presentation, and net-
work design. Without strong policies governing the facets of remote and
mobile access, enterprise functionality and data security are at risk. In
the next chapter, we will examine the impact of virtualization such as the
remote desktop mentioned earlier in this chapter.
