Lucas Esquivel
CYSE 425W
Policy Analysis Paper 1
The cyber security policy I have selected is Remote Access Policy. Remote access policy is a document which basically outlines and defines the acceptable methods of remotely connecting to the internal network. In large organizations it is critically used where the network is geographically dispersed and you have employees working remote from let’s say India, who need to connect to work with their buddies in the United States. There are many ways you can remotely access an internal network; part of this document does underline the acceptable methods. You can remotely connect by a lot of different methods, most commonly, by using a Virtual Private Network (VPN). VPNs use encryption to create a secure connection to a private network over the Internet. Another method is by using Single Sign-On (SSO) in which a user authenticates and with one set of login credentials the user can access all the applications and resources needed for them to complete their tasks. Remote access policy works in a national environment because it allows people to remotely connect from outside the main office. You can have a co-worker from the other side of the country connecting into the network and work, join meetings, and complete tasks as if they were in the office. Same applies in an international setting. For global companies like GE and Microsoft, where there are workers from across the globe, it is critical that workers can be able to connect from anywhere if they need to have a meeting with people from another part of the world. The only way to get the resources and services needed to jump into those important meetings is by remotely connecting via the remote access policy. One scholarly article called Science Direct (Naomi Alpern, “Security Standards and Services”) describes remote access policy as defining how the users can connect to the network and defines the conditions, remote access permissions, and creates a profile for every remote connection made to the corporate network. I like how they define remote access policy because it tells you everything that the policy is about in a short, easy manner. Another article states remote access policy as a written document containing the guidelines for connecting to an organization’s network from outside the office (Nicolette Carklin, What is A Remote Access Policy, Parallels.com). This is pretty much the most basic and dumbed down version of the definition I could find on the definition on remote access policy. The third journal article I saw describes the policy as a mix between the globalization of the increase of technology, focus on a steadier work-life balance, and an increase of more millennials entering the workforce, remote access has become a more prevalent working option (Morey Haber, Remote Access). This definition is more specific on why remote access policies came to be about, lately because of Covid organizations have started taking the work from home route using remote access as a way to still have everyone connected together even if not physically present at the office. I agree that it also provides a steadier work-life balance as you don’t have to leave your home and can work from anywhere, even if you’re on vacation, you can bring your computer, remotely connect and still be “present”. I feel like a remote access policy for organizations are crucial to keep companies running even when people aren’t physically present.