Remote Access | AC-17

Description

• Remote access to an information resource must be approved by the Chief Information & Technology Officer's designee and the Cybersecurity Manager before access is made
• Usage restrictions, configuration/connection requirements and implementation guidance is allowed. At a minimum:
  • Remote access to MCC-owned information resources must be conducted using a MCC controlled, encrypted point-to-point tunnel. Examples include the MCC Virtual Private Network (VPN), SSH, Microsoft Remote Desktop Protocol (RDP) over TLS, TN3270 over TLS and HTTPS over TLS.
  • RDP must be configured to require appropriate network encryption such as TLS.
  • RDP and SSH connections must initiate within the MCC network or through a secure Public access for these services is not allowed.

Last updated: 3/11/2024