The challenges posed by allowing remote users access to an otherwise secure, centrally managed information system were addressed head on at The Hartford Financial Services Group. The challenge of remote access from a security perspective lies in the multiple points of administration, both central and remote. Multiple passwords come into play and the lack of centralization leads to inconsistent security standards across the enterprise. A remote access evaluation team was created that conducted an analysis of both products and vendors, developed a recommended dial-in strategy, and then sent to select vendors a request for proposal that included the Hartford's security requirements. Those RFP requirements included: 1. Where is user authentication executed? 2. What facilities do are in place to protect against a hacker gaining access to the corporate network? 3. How is information protected from unauthorized access by the network administration staff? 3. How is the company audited? and 4. How is password encryption performed.
展开▼
