Office of the CIO
Queen's University-
Information Systems Security Office
- IT Security Policies
- Standards
-
Information Security Guidelines
-
Electronic Information Security Guidelines
- A1. Antivirus and Anti-Spyware
- A2. Security Updates and Patches
- A3. File Sharing and Remote Access
- A4. Secure Data Deletion and Destruction
- A5. Encryption
- A6. Physical Computer Locking
- A7. Account Passwords
- A8. Operating System Accounts
- B1. Account Hijacking
- B2. Sharing Your Personal NetID Password
- B3. Password Changes
- C1. Physical Location of Servers
- C2. Active Services and Open Ports
- C3. Backups
- C4. Firewalls
- C5. Remote Access
- C6. Physical Location of Network Devices
- D1. System Assessments
- D2. Permissions
- E1. Queen's Employee Requirements
- E2. Third-Party Requirements
- F1. Actual or Suspected Unauthorised Access
- G1. Multifunction Devices
-
Electronic Information Security Guidelines
- Education & Awareness
- Issues & Incidents
- Services
- Templates
C5. Remote Access
Off-campus remote administration access to critical servers must be available only through encrypted and secure connection methods (e.g., SSH, SSL/VPN).
How
Consult the help files that are provided with your operating system for guidance.
Why
Any connection to a Queen's server that is initiated from off-campus will travel through networks that are not controlled by Queen's. These networks may have malicious users capturing information that passes through them. If the data that passes through these networks is not encrypted, a malicious user can capture all the passed data (including your username and password) and read it just as easily as reading a Word document.