The purpose of this policy is to protect eCuras’s electronic information from being inadvertently compromised by authorized personnel using a dial-in connection.
The scope of this policy is to define appropriate dial-in access and its use by authorized personnel.
eCuras employees and authorized third parties (customers, vendors, etc.) can use dial-in connections to access the corporate network. Dial-in access should be strictly controlled, using one-time password authentication.
It is the responsibility of employees with dial-in access privileges to ensure a dial-in connection to eCuras is not used by non-employees to access company information system resources. An employee who is granted dial-in access privileges must remain constantly aware that dial-in connections between their location and eCuras are literal extensions of eCuras’s corporate network. They provide a potential path to the company’s most sensitive information. The employee and/or authorized third party individual must take every reasonable measure to protect eCuras’s assets.
Analog and non-GSM digital cellular phones cannot be used to connect to eCuras’s corporate network, as their signals, can be readily scanned and/or hijacked by unauthorized individuals. Only GSM standard digital cellular phones are considered secure enough to connect to eCuras’s network. For additional information on wireless access to the eCuras network, consult the Wireless Communications Policy.
Note: Dial-in accounts are considered ‘as needed’ accounts. Account activity is monitored, and if a dial-in account is not used for six months, the account will expire and no longer function. If dial-in access is subsequently required, the individual must request a new account, as described above.
5.1 Compliance Measurement
The Infosec team will verify compliance with this policy through various methods, including but not limited to business tool reports, internal and external audits, and feedback to the policy owner.
The Infosec team must approve any exception to the policy in advance.
An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
Revised: March 14th, 2018