This security policy deals with “how to handle” and “the requirements” necessary for those not affiliated with your organization to connect to and access resources on the network.
The “who’s” and “why’s” behind such a request vary greatly and, when considering them, you should review the section on trust in Chapter 1, “There Be Hackers Here,” before making a decision. Requests will come to you from the following parties:
• Contractors/consultants trying to do legitimate work with your company
• Business partners of all sorts
• Customers, usually large and requiring special handling
This security policy provides the necessary guidelines for answering such requests and the requirements to be placed on the requestor. It ...