Remote access to systems issecure, controlled and authorised.]]>This section covers information relating to the methods used by personnel to access an agency system from a remote location.]]>Remote access is defined as user access to agency systems originating outside an agency network. It does not include web–based access to DMZ resources. Further information on working off–site can be found in Chapter 21 – Distributed working. The requirements for using multi–factor authentication are described in the Identification and Authentication section of this chapter.]]>Remote access by a privileged user to an agency system via a less trusted security domain (for example, the Internet) may present additional risks. Controls in this section are designed to prevent escalation of user privileges from a compromised remote access account.]]>Remote privileged access does not include privileged access across disparate physical sites that are within the same security domain or privileged access across remote sites that are connected via trusted infrastructure. Privileged access of this nature faces different threats to those discussed above. Ensuring robust processes and procedures are in place within an organisation to monitor and detect the threat of a malicious insider are the most important measure for this scenario.]]>Cryptography is used to provide confidentiality and preserve integrity of data transmitted over networks where it may be intercepted or examined and is outside the control of the sender and recipient.]]>With the increases in speed and computing power and the cost reductions of modern computing, older cryptographic algorithms are increasingly vulnerable. It is vital that recommendations and controls in the NZISM are followed.]]>The use of approved cryptographic algorithms to encrypt authentication, session establishment and data for all remote access connections is considered good practice (See Chapter 17 - Cryptography and Chapter 21 - Distributed Working).]]>Further references can be found at:
]]>Authenticating remote system users and devices ensures that only authorised system users and devices are allowed to connect to agency systems.]]>Agencies MUST authenticate each remote connection and user prior to permitting access to an agency system.]]>Agencies SHOULD authenticate both the remote system user and device during the authentication process.]]>A compromise of remote access to a system can be limited by preventing the use of remote privileged access from an untrusted domain.]]>Agencies MUST NOT allow the use of remote privileged access from an untrusted domain, including logging in as an unprivileged system user and then escalating privileges.]]>Agencies SHOULD NOT allow the use of remote privileged access from an untrusted domain, including logging in as an unprivileged system user and then escalating privileges.]]>Virtual Private Networks (VPN’s) use a tunnelling protocol to create a secure connection over an intermediate (public) network such as the internet. A VPN uses techniques such as encryption, authentication, authorisation and access control to achieve a secure connection. See Chapter 17 for details on cryptographic selection and implementation.]]>A VPN can connect remote or mobile workers or remote locations to a private (agency) network.]]>Using Zero Trust principles alongside the use of VPNs provides additional security to agencysystems. For example, if a compromised device connects through a VPN to an organisationenforcing Zero Trust principles, potential damage to the organisationwill be minimised through limiting the access of the potential compromise.]]>Agencies SHOULD establish VPN connections for all remote access connections.]]>AgenciesSHOULD use Zero Trust principles alongside the use of VPN connections to enhance the security posture of the organisation. This should include removing the ability for a standard user to disable the VPN connection.]]>