At 10:52 pm +1000 9/3/07, Andrew wrote:
Yes we severely restrict what they can do on the remote network.
No kids.
No saved paswords.
Firewalls on.
Updates on.
We select what AV and when it updates.
We select the anti spy ware.
We selct the ISP.
We remove napster like software, messenger etc.
We also educate them why we do this and what could happen to their business
network if something goes wrong.
We select the hardware, Pc's switches AP the lot.
Starting to use Cisco AP's to ensure secure wireless inside the home. This
also means the ISP can remotely monitor the AP if needed.
Preferably they have snapgears at home as well as the office.
Really only works when the client agrees that we also manage their soho
network.
Starting to think we need to run separate networks in the soho enviornment
so that the kids computers are completely isolated from the parents pc's.
Has anyone implemented that with a snapgear ?
Security ploicies are great but how many people read them, very few. Telling
them some of the bad things that can happen generally ensures they want to
comply.
Andrew.C
And that is exactly my point - lots of conditions and very little
control and even after writing and implementing an appropriate
security policy, how could you make sure it stayed implemented for
the life of the system.
Realsitically, you not only have to manage the home network, you also
need to control every piece of hardware connected to it as a separate
concern.
Has anyone has bothered with separately firewalled home networks??
(IE practice remote location at GPs home separate from home network)
Ian.
--
Dr Ian R Cheong, BMedSc, FRACGP, GradDipCompSc, MBA(Exec)
Health Informatics Consultant, Brisbane, Australia
Internet: [EMAIL PROTECTED]
(for urgent matters, please send a copy to my practice email as well:
[EMAIL PROTECTED])
PRIVACY NOTE
I am happy for others to forward on email sent by me to public email lists.
Please ask my permission first if you wish to forward private email
to other parties.
_______________________________________________
Gpcg_talk mailing list
[email protected]
http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
