[unisog] security implications of using PCAnywhere on campus network

Jim Dillon Jim.Dillon at cusys.edu
Thu Nov 18 01:39:51 GMT 2004


Generically I like to think of this like any other critical piece of access software:

1. It needs to be configured correctly as the risk involved demands (e.g. risk analysis for the server/apps/data involved.)
2. It's really another channel into your net.  It needs the due care, monitoring, and regular analysis any other channel needs.
3. Like other critical pieces, it will need regular updating and configuration tweaking.  Do you have the resources to afford that?  Do you have the training and budget to maintain the app appropriately?
4. It's coming from a machine you cannot control well, most likely.  I'd lay out some pretty harsh requirements for the host machine.  (e.g. update/security scans, software firewalls or even some firewall devices might be appropriate.  Perhaps you require an institutional machine be used, configured by the institution, and only for institutional business.

These types of questions always are "it depends" answers, and they all hinge around an accurate and useful risk assessment.  I've yet to see a really good risk assessment in such cases, and thus I'm normally opposed on those grounds.  If application/data owners can assess and accept the risk, then such a solution may be a reasonable course of action.

Best regards,

Jim

============================================
Jim Dillon, CISA
IT Audit Manager
University of Colorado Internal Audit
jim.dillon at cusys.edu
Phone: 303-492-9734
Dept. Phone: 303-492-9730
Fax: 303-492-9737

"We trained hard...but it seemed that every time we 
were beginning to form up to teams, we would be 
reorganized.  I was to learn later in life that we 
tend to meet any new situation by reorganizing; and
what a wonderful method it can be for creating the 
illusion of progress while producing confusion, 
inefficiency, and demoralization." 
- Petronios Arbiter, 210 B.C.
============================================

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org]On Behalf Of Rob Becker
Sent: Wednesday, November 17, 2004 12:37 PM
To: unisog at lists.sans.org
Subject: [unisog] security implications of using PCAnywhere on campus
network


We have had a user request PCAnywhere access to our network from home
via the Internet.  Can anyone offer links to resources or personal
experiences with this software?  On principal I would prefer not to
allow any access beyond email from off campus, but I have been asked to
research this possibility.  Any help would be greatly appreciated.
Thanks.
Rob

_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog



More information about the unisog mailing list