Resources
← Back to all resources
Policy

Remote Access Policy Template

Control remote access to company systems with VPN, MFA, and device requirements.

Purpose

This policy defines the requirements for remote access to company systems and data. All remote connections must comply with these requirements to protect company information from unauthorised access, interception, or compromise.

Requirements

  • VPN mandatory: All remote access must go through the company VPN. No direct access to internal systems from the internet.
  • MFA required: Multi-factor authentication on VPN and all critical systems.
  • Approved devices: Only company-managed or BYOD devices with current OS and antivirus.
  • Session limits: Idle timeout after 15 minutes. Maximum session duration of 12 hours.
  • No public WiFi without VPN: Remote workers must not access company systems on public WiFi without VPN enabled.

Compliance

Violations may result in immediate suspension of remote access privileges and disciplinary action. This policy is reviewed annually and updated as needed.

Put this into practice with workro desk.

Create your workspaceMore free resources