Question

Do you believe a separate policy should be written to address remote access? If so, what should be included in the policy?

Answer 1

Yes I do believe in a separate policy that should be written to address remote access
There are numerous benefits to having and enforcing a foreign access policy. Software organizations where development engineers got to connect across multiple locations, small organizations lacking office-space, and large, enterprise organizations all want to supply the foremost flexible work options in order to draw in high-ranking candidates and reap the rewards of getting such a policy.
There are two overarching goals for remote access that has got to work simultaneously: to supply appropriate access that permits remote workers to be productive, and to guard the knowledge assets and systems from accidental or malicious loss or damage. In an era of accelerating compliance statutes that protect privacy and identity, strong network and remote policies provide guidelines to stop data misuse or mishandling. Policies also offer guidance to the remote user and set expectations that identify issues like anti-malware and operational system requirements, firewalls, and password protection.
Policies for VPN remote access can be standardized. These policies “shore up” and stop the utilization of rogue devices and access by non-authorized users, including the worker's relations or housemates. The policy also enforces proper email protocols to guard information from being sent through unsecured or untrusted sources, and also provides rules that limit or prohibit split tunnel configurations that allow mobile users to access both secure and unsecure networks simultaneously.
Policies for using company systems involve security, confidentiality, the integrity of data , and a hierarchy of access or availability.
Remote policies have guidelines for access which will include the following:
Hardware and software configuration standards for remote access, including anti-malware, firewalls, and antivirus
Encryption policies
Information security, confidentiality, and email policies
Physical and virtual device security
Access privileges, authentication, and access hierarchy
Connectivity guidelines
Password protocols
Acceptable use policies
Third-party protections and standards (trusted vs. non-trusted sources or hosts)
Policy compliance, governance, and enforcement
Access and equipment ownership requirements
The policies also can be customized to work out the time of use, time-out policies for disconnecting when idle, and determinations for where connectivity is prohibited (such as coffee shops or malls). The policies can also specify which hosting, software, antivirus, or hardware to use. Problems associated with unauthorized access by hackers or even family members can be clearly defined and enforced. Even if the employee provides their own equipment, laptop, or mobile device, the policy dictates and enforces the minimumsecurity requirements necessary. The policy also can provide determinations on who is allowed remote access, the extent of access, and penalties for misuse. There are numerous remote access policy templates and examples available online to supply a suggestion and start line for writing a robust policy.