A well-defined and carefully observed network access policy may seem to be a technical responsibility of your I.T. department—but it’s vital for CEOs, COOs, and CFOs to be aware of network accessibility. That’s true whether your company maintains a full-service, in-house I.T. department or you outsource to a managed I.T. services provider (MSP). Following is a network access policy primer for C-level executives.
Network Access Policy Overview
An important role of any help desk technician or network operations center (NOC) engineer is protecting access to the various resources that reside on your network. What would happen if John Q. Employee asked your I.T. manager (or called into your MSP’s help desk) and asked for access to the “Payroll” folder that contains some highly sensitive information? The answer to this question, and numerous more are provided in our “Client Network Access Policy.”
What is a Network Resource?
What is a network resource, anyway? Network resources come in all shapes and sizes, from a sensitive Excel document, to a folder used by management to store restricted documents, to a CEO’s mailbox. Anything that could be considered “sensitive” or “restricted” is likely considered a network resource. Access to network resources requires strict controls.
Network Access Form
As a managed I.T. services provider, my company follows best practices for network access. Some of our processes are unique to us because we work with many clients’ networks and across high-security environments, but you should find similar policies and procedures at other world-class MSPs. The processes we’ve developed are also scalable to internal I.T. departments. If you have an I.T. manager on staff, he or she should ensure network access security using similar practices.
The remote support engineers (RSEs) on our help desk receive requests daily to change access to our clients’ network resources. NetGain Technologies created our Client Network Access Policy to treat these requests in a structured and uniform manner. Any time an engineer accepts a request to change a network resource access for a user, our policy requires a Network Access Form (NAF). The NAF allows us to control changes to sensitive information for our clients. It also allows us to record and track every change by the requestor and the time requested.
What’s on the Network Access Form
NetGain’s NOC supports several clients that have their own network access forms, each varying in style and information. Our policy requires a minimum set of data points to be on all NAFs, however. These minimum requirements ensure that we can easily identify:
- The user(s) whose access level needs to be changed
- The resource(s) to which we are changing access
- Who is requesting the change
By enforcing this straightforward but important policy for every alteration to network access privileges, we ensure accountability for our clients. As a C-level executive, you should be certain your MSP or I.T. department follows a similar documentation process.
How it works
When we initially begin supporting a new client’s network, the client identifies a “Primary Contact” for our NOC communications. We work with the Primary Contact to customize and agree upon an acceptable Network Access Form. A copy of the NAF is filed in our records, and a second copy is sent to the Primary Contact. The Primary Contact, in turn, provides their customized form only to those officials within their company who have permission to request changes to network resources. When our NOC receives a completed network access form, the support engineer knows the form was provided by the Primary Contact and is therefore approved for the requested action.
Why it’s important
If you are the owner or CXO of a company, you want to restrict unauthorized employees or third parties from obtaining your sensitive or proprietary information. You would be worried if anyone calling the I.T. department or help desk was able to ask for access to anything they wanted and get it.
Creating a formal network access policy ensures that all changes in access to resources are both approved and tracked. With strict policies in place to control these changes, your I.T. provider will be able to ensure access to your network is controlled appropriately.