An organization provides notebook PCs, cable wire locks, smartphone access, and virtual private network (VPN) access to its remote employees. Which of the following is MOST important for the information security manager to ensure?
A.
Employees use smartphone tethering when accessing from remote locations.
B.
Employees physically lock PCs when leaving the immediate area.
C.
Employees are trained on the acceptable use policy.
D.
Employees use the VPN when accessing the organization's online resources.
Using the VPN when accessing the organization’s online resources is the most important thing to ensure, as it provides a secure and encrypted connection between the remote employees and the organization’s network, and protects the data and systems from unauthorized access, interception, or tampering. VPNs also help to comply with the organization’s security policies and standards, and to prevent data leakage or breaches.
References = CISM Review Manual 2022, page 3081; CISM Exam Content Outline, Domain 4, Knowledge Statement 4.92; CISM 2020: Remote Access Security; How to Secure Remote Workers with VPN
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit